0s autopkgtest [18:21:08]: starting date and time: 2024-03-20 18:21:08+0000 0s autopkgtest [18:21:08]: git checkout: 4a1cd702 l/adt_testbed: don't blame the testbed for unsolvable build deps 0s autopkgtest [18:21:08]: host juju-7f2275-prod-proposed-migration-environment-2; command line: /home/ubuntu/autopkgtest/runner/autopkgtest --output-dir /tmp/autopkgtest-work._fpihg1k/out --timeout-copy=6000 --setup-commands /home/ubuntu/autopkgtest-cloud/worker-config-production/setup-canonical.sh --apt-pocket=proposed=src:systemd --apt-upgrade sssd --timeout-short=300 --timeout-copy=20000 --timeout-build=20000 --env=ADT_TEST_TRIGGERS=systemd/255.4-1ubuntu5 -- ssh -s /home/ubuntu/autopkgtest/ssh-setup/nova -- --flavor autopkgtest --security-groups autopkgtest-juju-7f2275-prod-proposed-migration-environment-2@bos01-arm64-19.secgroup --name adt-noble-arm64-sssd-20240320-182108-juju-7f2275-prod-proposed-migration-environment-2 --image adt/ubuntu-noble-arm64-server --keyname testbed-juju-7f2275-prod-proposed-migration-environment-2 --net-id=net_prod-proposed-migration -e TERM=linux -e ''"'"'http_proxy=http://squid.internal:3128'"'"'' -e ''"'"'https_proxy=http://squid.internal:3128'"'"'' -e ''"'"'no_proxy=127.0.0.1,127.0.1.1,login.ubuntu.com,localhost,localdomain,novalocal,internal,archive.ubuntu.com,ports.ubuntu.com,security.ubuntu.com,ddebs.ubuntu.com,changelogs.ubuntu.com,launchpadlibrarian.net,launchpadcontent.net,launchpad.net,10.24.0.0/24,keystone.ps5.canonical.com,objectstorage.prodstack5.canonical.com'"'"'' --mirror=http://us.ports.ubuntu.com/ubuntu-ports/ 96s autopkgtest [18:22:44]: testbed dpkg architecture: arm64 97s autopkgtest [18:22:45]: testbed apt version: 2.7.12 97s autopkgtest [18:22:45]: @@@@@@@@@@@@@@@@@@@@ test bed setup 97s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 98s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3809 kB] 98s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [501 kB] 98s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 98s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [53.9 kB] 98s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 Packages [690 kB] 98s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 c-n-f Metadata [3144 B] 98s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 Packages [41.7 kB] 98s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 c-n-f Metadata [116 B] 98s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 Packages [4224 kB] 98s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 c-n-f Metadata [8528 B] 98s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 Packages [67.6 kB] 98s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 c-n-f Metadata [116 B] 101s Fetched 9523 kB in 2s (5853 kB/s) 101s Reading package lists... 103s Reading package lists... 104s Building dependency tree... 104s Reading state information... 104s Calculating upgrade... 104s The following packages will be REMOVED: 104s libssl3 104s The following NEW packages will be installed: 104s libssl3t64 104s The following packages will be upgraded: 104s libnss-systemd libpam-systemd libsystemd-shared libsystemd0 libudev1 systemd 104s systemd-dev systemd-resolved systemd-sysv systemd-timesyncd ubuntu-minimal 104s ubuntu-standard udev 104s 13 upgraded, 1 newly installed, 1 to remove and 0 not upgraded. 104s Need to get 10.5 MB of archives. 104s After this operation, 98.3 kB of additional disk space will be used. 104s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd-resolved arm64 255.4-1ubuntu5 [291 kB] 105s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libnss-systemd arm64 255.4-1ubuntu5 [154 kB] 105s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd-dev all 255.4-1ubuntu5 [103 kB] 105s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libssl3t64 arm64 3.0.13-0ubuntu2 [1793 kB] 105s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd arm64 255.4-1ubuntu5 [3403 kB] 105s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 udev arm64 255.4-1ubuntu5 [1852 kB] 105s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd-sysv arm64 255.4-1ubuntu5 [11.9 kB] 105s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libpam-systemd arm64 255.4-1ubuntu5 [232 kB] 105s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd-timesyncd arm64 255.4-1ubuntu5 [34.8 kB] 105s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libsystemd-shared arm64 255.4-1ubuntu5 [2016 kB] 105s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libudev1 arm64 255.4-1ubuntu5 [173 kB] 105s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libsystemd0 arm64 255.4-1ubuntu5 [424 kB] 105s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 ubuntu-minimal arm64 1.536build1 [10.7 kB] 105s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 ubuntu-standard arm64 1.536build1 [10.7 kB] 106s Fetched 10.5 MB in 1s (11.1 MB/s) 106s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75850 files and directories currently installed.) 106s Preparing to unpack .../systemd-resolved_255.4-1ubuntu5_arm64.deb ... 106s Unpacking systemd-resolved (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 106s Preparing to unpack .../libnss-systemd_255.4-1ubuntu5_arm64.deb ... 106s Unpacking libnss-systemd:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 106s Preparing to unpack .../systemd-dev_255.4-1ubuntu5_all.deb ... 106s Unpacking systemd-dev (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 106s dpkg: libssl3:arm64: dependency problems, but removing anyway as you requested: 106s wget depends on libssl3 (>= 3.0.0). 106s u-boot-tools depends on libssl3 (>= 3.0.0). 106s tnftp depends on libssl3 (>= 3.0.0). 106s tcpdump depends on libssl3 (>= 3.0.0). 106s systemd depends on libssl3 (>= 3.0.0). 106s sudo depends on libssl3 (>= 3.0.0). 106s sbsigntool depends on libssl3 (>= 3.0.0). 106s rsync depends on libssl3 (>= 3.0.0). 106s python3-cryptography depends on libssl3 (>= 3.0.0). 106s openssl depends on libssl3 (>= 3.0.9). 106s openssh-server depends on libssl3 (>= 3.0.10). 106s openssh-client depends on libssl3 (>= 3.0.10). 106s mtd-utils depends on libssl3 (>= 3.0.0). 106s mokutil depends on libssl3 (>= 3.0.0). 106s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 106s libsystemd-shared:arm64 depends on libssl3 (>= 3.0.0). 106s libssh-4:arm64 depends on libssl3 (>= 3.0.0). 106s libsasl2-modules:arm64 depends on libssl3 (>= 3.0.0). 106s libsasl2-2:arm64 depends on libssl3 (>= 3.0.0). 106s libpython3.12-minimal:arm64 depends on libssl3 (>= 3.0.0). 106s libpython3.11-minimal:arm64 depends on libssl3 (>= 3.0.0). 106s libnvme1 depends on libssl3 (>= 3.0.0). 106s libkrb5-3:arm64 depends on libssl3 (>= 3.0.0). 106s libkmod2:arm64 depends on libssl3 (>= 3.0.0). 106s libfido2-1:arm64 depends on libssl3 (>= 3.0.0). 106s libcurl4:arm64 depends on libssl3 (>= 3.0.0). 106s libcryptsetup12:arm64 depends on libssl3 (>= 3.0.0). 106s kmod depends on libssl3 (>= 3.0.0). 106s dhcpcd-base depends on libssl3 (>= 3.0.0). 106s bind9-libs:arm64 depends on libssl3 (>= 3.0.0). 106s 106s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75850 files and directories currently installed.) 106s Removing libssl3:arm64 (3.0.10-1ubuntu4) ... 106s Selecting previously unselected package libssl3t64:arm64. 106s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75839 files and directories currently installed.) 106s Preparing to unpack .../libssl3t64_3.0.13-0ubuntu2_arm64.deb ... 106s Unpacking libssl3t64:arm64 (3.0.13-0ubuntu2) ... 106s Setting up libssl3t64:arm64 (3.0.13-0ubuntu2) ... 106s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 106s Preparing to unpack .../systemd_255.4-1ubuntu5_arm64.deb ... 106s Unpacking systemd (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 106s Preparing to unpack .../udev_255.4-1ubuntu5_arm64.deb ... 106s Unpacking udev (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 106s Preparing to unpack .../libsystemd-shared_255.4-1ubuntu5_arm64.deb ... 106s Unpacking libsystemd-shared:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 106s Setting up libsystemd-shared:arm64 (255.4-1ubuntu5) ... 106s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 106s Preparing to unpack .../libsystemd0_255.4-1ubuntu5_arm64.deb ... 106s Unpacking libsystemd0:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 107s Setting up libsystemd0:arm64 (255.4-1ubuntu5) ... 107s Setting up systemd-dev (255.4-1ubuntu5) ... 107s Setting up systemd (255.4-1ubuntu5) ... 107s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 107s Preparing to unpack .../systemd-sysv_255.4-1ubuntu5_arm64.deb ... 107s Unpacking systemd-sysv (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 107s Preparing to unpack .../libpam-systemd_255.4-1ubuntu5_arm64.deb ... 107s Unpacking libpam-systemd:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 107s Preparing to unpack .../systemd-timesyncd_255.4-1ubuntu5_arm64.deb ... 107s Unpacking systemd-timesyncd (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 107s Preparing to unpack .../libudev1_255.4-1ubuntu5_arm64.deb ... 107s Unpacking libudev1:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 107s Setting up libudev1:arm64 (255.4-1ubuntu5) ... 108s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 108s Preparing to unpack .../ubuntu-minimal_1.536build1_arm64.deb ... 108s Unpacking ubuntu-minimal (1.536build1) over (1.536) ... 108s Preparing to unpack .../ubuntu-standard_1.536build1_arm64.deb ... 108s Unpacking ubuntu-standard (1.536build1) over (1.536) ... 108s Setting up systemd-sysv (255.4-1ubuntu5) ... 108s Setting up libnss-systemd:arm64 (255.4-1ubuntu5) ... 108s Setting up systemd-timesyncd (255.4-1ubuntu5) ... 108s Setting up udev (255.4-1ubuntu5) ... 109s Setting up libpam-systemd:arm64 (255.4-1ubuntu5) ... 109s Setting up systemd-resolved (255.4-1ubuntu5) ... 109s Setting up ubuntu-minimal (1.536build1) ... 109s Setting up ubuntu-standard (1.536build1) ... 109s Processing triggers for dbus (1.14.10-4ubuntu1) ... 109s Processing triggers for initramfs-tools (0.142ubuntu20) ... 109s update-initramfs: Generating /boot/initrd.img-6.8.0-11-generic 109s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 118s System running in EFI mode, skipping. 118s Processing triggers for libc-bin (2.39-0ubuntu2) ... 118s Processing triggers for man-db (2.12.0-3) ... 119s Reading package lists... 119s Building dependency tree... 119s Reading state information... 120s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 120s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 120s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 121s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 121s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 122s Reading package lists... 122s Reading package lists... 122s Building dependency tree... 122s Reading state information... 123s Calculating upgrade... 123s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 123s Reading package lists... 123s Building dependency tree... 123s Reading state information... 124s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 124s autopkgtest [18:23:12]: rebooting testbed after setup commands that affected boot 275s autopkgtest [18:25:43]: testbed running kernel: Linux 6.8.0-11-generic #11-Ubuntu SMP PREEMPT_DYNAMIC Wed Feb 14 02:53:31 UTC 2024 278s autopkgtest [18:25:46]: @@@@@@@@@@@@@@@@@@@@ apt-source sssd 292s Get:1 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (dsc) [5269 B] 292s Get:2 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (tar) [7983 kB] 292s Get:3 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (asc) [833 B] 292s Get:4 http://ftpmaster.internal/ubuntu noble/main sssd 2.9.4-1ubuntu1 (diff) [48.4 kB] 292s gpgv: Signature made Mon Feb 26 21:56:54 2024 UTC 292s gpgv: using RSA key E92FD0B36B14F1F4D8E0EB2F106DA1C8C3CBBF14 292s gpgv: Can't check signature: No public key 292s dpkg-source: warning: cannot verify inline signature for ./sssd_2.9.4-1ubuntu1.dsc: no acceptable signature found 292s autopkgtest [18:26:00]: testing package sssd version 2.9.4-1ubuntu1 294s autopkgtest [18:26:02]: build not needed 381s autopkgtest [18:27:29]: test ldap-user-group-ldap-auth: preparing testbed 385s Reading package lists... 385s Building dependency tree... 385s Reading state information... 386s Starting pkgProblemResolver with broken count: 0 386s Starting 2 pkgProblemResolver with broken count: 0 386s Done 386s The following additional packages will be installed: 386s expect ldap-utils libavahi-client3 libavahi-common-data libavahi-common3 386s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 386s libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 libjose0 libkrad0 386s libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo libodbc2 386s libpam-pwquality libpam-sss libpath-utils1 libpwquality-common libpwquality1 386s libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 386s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 386s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 386s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 386s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 386s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 386s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 386s Suggested packages: 386s tk8.6 libsasl2-modules-gssapi-mit | libsasl2-modules-gssapi-heimdal 386s odbc-postgresql tdsodbc adcli libsasl2-modules-ldap tcl-tclreadline 386s Recommended packages: 386s cracklib-runtime libsasl2-modules-gssapi-mit 386s | libsasl2-modules-gssapi-heimdal 386s The following NEW packages will be installed: 386s autopkgtest-satdep expect ldap-utils libavahi-client3 libavahi-common-data 386s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 386s libdhash1 libevent-2.1-7 libini-config5 libipa-hbac-dev libipa-hbac0 386s libjose0 libkrad0 libldb2 libltdl7 libnfsidmap1 libnss-sss libnss-sudo 386s libodbc2 libpam-pwquality libpam-sss libpath-utils1 libpwquality-common 386s libpwquality1 libref-array1 libsmbclient libsss-certmap-dev libsss-certmap0 386s libsss-idmap-dev libsss-idmap0 libsss-nss-idmap-dev libsss-nss-idmap0 386s libsss-sudo libtalloc2 libtcl8.6 libtdb1 libtevent0 libverto-libevent1 386s libverto1 libwbclient0 python3-libipa-hbac python3-libsss-nss-idmap 386s python3-sss samba-libs slapd sssd sssd-ad sssd-ad-common sssd-common 386s sssd-dbus sssd-idp sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap 386s sssd-passkey sssd-proxy sssd-tools tcl-expect tcl8.6 387s 0 upgraded, 65 newly installed, 0 to remove and 0 not upgraded. 387s Need to get 12.6 MB/12.6 MB of archives. 387s After this operation, 59.9 MB of additional disk space will be used. 387s Get:1 /tmp/autopkgtest.YVHgdk/1-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [864 B] 387s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libltdl7 arm64 2.4.7-7 [40.3 kB] 387s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libodbc2 arm64 2.3.12-1 [144 kB] 387s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 slapd arm64 2.6.7+dfsg-1~exp1ubuntu1 [1515 kB] 388s Get:5 http://ftpmaster.internal/ubuntu noble/main arm64 libtcl8.6 arm64 8.6.13+dfsg-2 [980 kB] 388s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 tcl8.6 arm64 8.6.13+dfsg-2 [14.6 kB] 388s Get:7 http://ftpmaster.internal/ubuntu noble/universe arm64 tcl-expect arm64 5.45.4-2build1 [103 kB] 388s Get:8 http://ftpmaster.internal/ubuntu noble/universe arm64 expect arm64 5.45.4-2build1 [137 kB] 388s Get:9 http://ftpmaster.internal/ubuntu noble/main arm64 ldap-utils arm64 2.6.7+dfsg-1~exp1ubuntu1 [149 kB] 388s Get:10 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common-data arm64 0.8-13ubuntu2 [29.5 kB] 388s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common3 arm64 0.8-13ubuntu2 [23.2 kB] 388s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-client3 arm64 0.8-13ubuntu2 [27.3 kB] 388s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libcrack2 arm64 2.9.6-5.1 [28.7 kB] 388s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 libevent-2.1-7 arm64 2.1.12-stable-9 [138 kB] 388s Get:15 http://ftpmaster.internal/ubuntu noble/universe arm64 libjose0 arm64 11-3 [44.1 kB] 388s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libverto-libevent1 arm64 0.3.1-1ubuntu5 [5848 B] 388s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libverto1 arm64 0.3.1-1ubuntu5 [10.2 kB] 388s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 libkrad0 arm64 1.20.1-5build1 [22.1 kB] 388s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 libtalloc2 arm64 2.4.2-1 [26.6 kB] 388s Get:20 http://ftpmaster.internal/ubuntu noble/main arm64 libtdb1 arm64 1.4.10-1 [48.4 kB] 388s Get:21 http://ftpmaster.internal/ubuntu noble/main arm64 libtevent0 arm64 0.16.1-1 [41.8 kB] 388s Get:22 http://ftpmaster.internal/ubuntu noble/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [187 kB] 389s Get:23 http://ftpmaster.internal/ubuntu noble/main arm64 libnfsidmap1 arm64 1:2.6.3-3ubuntu1 [47.1 kB] 389s Get:24 http://ftpmaster.internal/ubuntu noble/universe arm64 libnss-sudo all 1.9.15p5-3ubuntu1 [14.9 kB] 389s Get:25 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality-common all 1.4.5-3 [7658 B] 389s Get:26 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality1 arm64 1.4.5-3 [13.2 kB] 389s Get:27 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-pwquality arm64 1.4.5-3 [11.6 kB] 389s Get:28 http://ftpmaster.internal/ubuntu noble/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-1ubuntu1 [70.6 kB] 389s Get:29 http://ftpmaster.internal/ubuntu noble/main arm64 samba-libs arm64 2:4.19.5+dfsg-1ubuntu1 [6061 kB] 390s Get:30 http://ftpmaster.internal/ubuntu noble/main arm64 libnss-sss arm64 2.9.4-1ubuntu1 [31.7 kB] 390s Get:31 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-sss arm64 2.9.4-1ubuntu1 [48.8 kB] 390s Get:32 http://ftpmaster.internal/ubuntu noble/main arm64 python3-sss arm64 2.9.4-1ubuntu1 [46.5 kB] 390s Get:33 http://ftpmaster.internal/ubuntu noble/main arm64 libc-ares2 arm64 1.27.0-1 [74.1 kB] 390s Get:34 http://ftpmaster.internal/ubuntu noble/main arm64 libdhash1 arm64 0.6.2-2 [8540 B] 390s Get:35 http://ftpmaster.internal/ubuntu noble/main arm64 libbasicobjects0 arm64 0.6.2-2 [5586 B] 390s Get:36 http://ftpmaster.internal/ubuntu noble/main arm64 libcollection4 arm64 0.6.2-2 [23.0 kB] 390s Get:37 http://ftpmaster.internal/ubuntu noble/main arm64 libpath-utils1 arm64 0.6.2-2 [8722 B] 390s Get:38 http://ftpmaster.internal/ubuntu noble/main arm64 libref-array1 arm64 0.6.2-2 [7042 B] 390s Get:39 http://ftpmaster.internal/ubuntu noble/main arm64 libini-config5 arm64 0.6.2-2 [43.7 kB] 390s Get:40 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap0 arm64 2.9.4-1ubuntu1 [45.8 kB] 390s Get:41 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap0 arm64 2.9.4-1ubuntu1 [21.8 kB] 390s Get:42 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap0 arm64 2.9.4-1ubuntu1 [30.3 kB] 390s Get:43 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-common arm64 2.9.4-1ubuntu1 [1147 kB] 390s Get:44 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-idp arm64 2.9.4-1ubuntu1 [27.9 kB] 390s Get:45 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-passkey arm64 2.9.4-1ubuntu1 [32.7 kB] 390s Get:46 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad-common arm64 2.9.4-1ubuntu1 [75.4 kB] 390s Get:47 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5-common arm64 2.9.4-1ubuntu1 [87.9 kB] 390s Get:48 http://ftpmaster.internal/ubuntu noble/main arm64 libsmbclient arm64 2:4.19.5+dfsg-1ubuntu1 [62.2 kB] 390s Get:49 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad arm64 2.9.4-1ubuntu1 [134 kB] 390s Get:50 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac0 arm64 2.9.4-1ubuntu1 [16.7 kB] 390s Get:51 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ipa arm64 2.9.4-1ubuntu1 [220 kB] 390s Get:52 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5 arm64 2.9.4-1ubuntu1 [14.3 kB] 390s Get:53 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ldap arm64 2.9.4-1ubuntu1 [31.3 kB] 390s Get:54 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-proxy arm64 2.9.4-1ubuntu1 [44.6 kB] 390s Get:55 http://ftpmaster.internal/ubuntu noble/main arm64 sssd arm64 2.9.4-1ubuntu1 [4120 B] 390s Get:56 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-dbus arm64 2.9.4-1ubuntu1 [103 kB] 390s Get:57 http://ftpmaster.internal/ubuntu noble/universe arm64 sssd-kcm arm64 2.9.4-1ubuntu1 [139 kB] 390s Get:58 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-tools arm64 2.9.4-1ubuntu1 [97.5 kB] 390s Get:59 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac-dev arm64 2.9.4-1ubuntu1 [6660 B] 390s Get:60 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap-dev arm64 2.9.4-1ubuntu1 [5722 B] 390s Get:61 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap-dev arm64 2.9.4-1ubuntu1 [8380 B] 390s Get:62 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap-dev arm64 2.9.4-1ubuntu1 [6714 B] 390s Get:63 http://ftpmaster.internal/ubuntu noble/universe arm64 libsss-sudo arm64 2.9.4-1ubuntu1 [20.4 kB] 390s Get:64 http://ftpmaster.internal/ubuntu noble/universe arm64 python3-libipa-hbac arm64 2.9.4-1ubuntu1 [16.6 kB] 390s Get:65 http://ftpmaster.internal/ubuntu noble/universe arm64 python3-libsss-nss-idmap arm64 2.9.4-1ubuntu1 [9160 B] 390s Preconfiguring packages ... 391s Fetched 12.6 MB in 4s (3502 kB/s) 391s Selecting previously unselected package libltdl7:arm64. 391s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 391s Preparing to unpack .../00-libltdl7_2.4.7-7_arm64.deb ... 391s Unpacking libltdl7:arm64 (2.4.7-7) ... 391s Selecting previously unselected package libodbc2:arm64. 391s Preparing to unpack .../01-libodbc2_2.3.12-1_arm64.deb ... 391s Unpacking libodbc2:arm64 (2.3.12-1) ... 391s Selecting previously unselected package slapd. 391s Preparing to unpack .../02-slapd_2.6.7+dfsg-1~exp1ubuntu1_arm64.deb ... 391s Unpacking slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 391s Selecting previously unselected package libtcl8.6:arm64. 391s Preparing to unpack .../03-libtcl8.6_8.6.13+dfsg-2_arm64.deb ... 391s Unpacking libtcl8.6:arm64 (8.6.13+dfsg-2) ... 391s Selecting previously unselected package tcl8.6. 391s Preparing to unpack .../04-tcl8.6_8.6.13+dfsg-2_arm64.deb ... 391s Unpacking tcl8.6 (8.6.13+dfsg-2) ... 391s Selecting previously unselected package tcl-expect:arm64. 391s Preparing to unpack .../05-tcl-expect_5.45.4-2build1_arm64.deb ... 391s Unpacking tcl-expect:arm64 (5.45.4-2build1) ... 391s Selecting previously unselected package expect. 391s Preparing to unpack .../06-expect_5.45.4-2build1_arm64.deb ... 391s Unpacking expect (5.45.4-2build1) ... 391s Selecting previously unselected package ldap-utils. 391s Preparing to unpack .../07-ldap-utils_2.6.7+dfsg-1~exp1ubuntu1_arm64.deb ... 391s Unpacking ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 391s Selecting previously unselected package libavahi-common-data:arm64. 391s Preparing to unpack .../08-libavahi-common-data_0.8-13ubuntu2_arm64.deb ... 391s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu2) ... 391s Selecting previously unselected package libavahi-common3:arm64. 391s Preparing to unpack .../09-libavahi-common3_0.8-13ubuntu2_arm64.deb ... 391s Unpacking libavahi-common3:arm64 (0.8-13ubuntu2) ... 391s Selecting previously unselected package libavahi-client3:arm64. 391s Preparing to unpack .../10-libavahi-client3_0.8-13ubuntu2_arm64.deb ... 391s Unpacking libavahi-client3:arm64 (0.8-13ubuntu2) ... 391s Selecting previously unselected package libcrack2:arm64. 391s Preparing to unpack .../11-libcrack2_2.9.6-5.1_arm64.deb ... 391s Unpacking libcrack2:arm64 (2.9.6-5.1) ... 391s Selecting previously unselected package libevent-2.1-7:arm64. 391s Preparing to unpack .../12-libevent-2.1-7_2.1.12-stable-9_arm64.deb ... 391s Unpacking libevent-2.1-7:arm64 (2.1.12-stable-9) ... 391s Selecting previously unselected package libjose0:arm64. 391s Preparing to unpack .../13-libjose0_11-3_arm64.deb ... 391s Unpacking libjose0:arm64 (11-3) ... 391s Selecting previously unselected package libverto-libevent1:arm64. 391s Preparing to unpack .../14-libverto-libevent1_0.3.1-1ubuntu5_arm64.deb ... 391s Unpacking libverto-libevent1:arm64 (0.3.1-1ubuntu5) ... 391s Selecting previously unselected package libverto1:arm64. 391s Preparing to unpack .../15-libverto1_0.3.1-1ubuntu5_arm64.deb ... 391s Unpacking libverto1:arm64 (0.3.1-1ubuntu5) ... 391s Selecting previously unselected package libkrad0:arm64. 391s Preparing to unpack .../16-libkrad0_1.20.1-5build1_arm64.deb ... 391s Unpacking libkrad0:arm64 (1.20.1-5build1) ... 391s Selecting previously unselected package libtalloc2:arm64. 391s Preparing to unpack .../17-libtalloc2_2.4.2-1_arm64.deb ... 391s Unpacking libtalloc2:arm64 (2.4.2-1) ... 391s Selecting previously unselected package libtdb1:arm64. 391s Preparing to unpack .../18-libtdb1_1.4.10-1_arm64.deb ... 391s Unpacking libtdb1:arm64 (1.4.10-1) ... 391s Selecting previously unselected package libtevent0:arm64. 391s Preparing to unpack .../19-libtevent0_0.16.1-1_arm64.deb ... 391s Unpacking libtevent0:arm64 (0.16.1-1) ... 391s Selecting previously unselected package libldb2:arm64. 391s Preparing to unpack .../20-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_arm64.deb ... 391s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 391s Selecting previously unselected package libnfsidmap1:arm64. 391s Preparing to unpack .../21-libnfsidmap1_1%3a2.6.3-3ubuntu1_arm64.deb ... 391s Unpacking libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 391s Selecting previously unselected package libnss-sudo. 391s Preparing to unpack .../22-libnss-sudo_1.9.15p5-3ubuntu1_all.deb ... 391s Unpacking libnss-sudo (1.9.15p5-3ubuntu1) ... 391s Selecting previously unselected package libpwquality-common. 391s Preparing to unpack .../23-libpwquality-common_1.4.5-3_all.deb ... 391s Unpacking libpwquality-common (1.4.5-3) ... 391s Selecting previously unselected package libpwquality1:arm64. 391s Preparing to unpack .../24-libpwquality1_1.4.5-3_arm64.deb ... 391s Unpacking libpwquality1:arm64 (1.4.5-3) ... 391s Selecting previously unselected package libpam-pwquality:arm64. 391s Preparing to unpack .../25-libpam-pwquality_1.4.5-3_arm64.deb ... 391s Unpacking libpam-pwquality:arm64 (1.4.5-3) ... 391s Selecting previously unselected package libwbclient0:arm64. 391s Preparing to unpack .../26-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 391s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 391s Selecting previously unselected package samba-libs:arm64. 391s Preparing to unpack .../27-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 391s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 392s Selecting previously unselected package libnss-sss:arm64. 392s Preparing to unpack .../28-libnss-sss_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libnss-sss:arm64 (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libpam-sss:arm64. 392s Preparing to unpack .../29-libpam-sss_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libpam-sss:arm64 (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package python3-sss. 392s Preparing to unpack .../30-python3-sss_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking python3-sss (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libc-ares2:arm64. 392s Preparing to unpack .../31-libc-ares2_1.27.0-1_arm64.deb ... 392s Unpacking libc-ares2:arm64 (1.27.0-1) ... 392s Selecting previously unselected package libdhash1:arm64. 392s Preparing to unpack .../32-libdhash1_0.6.2-2_arm64.deb ... 392s Unpacking libdhash1:arm64 (0.6.2-2) ... 392s Selecting previously unselected package libbasicobjects0:arm64. 392s Preparing to unpack .../33-libbasicobjects0_0.6.2-2_arm64.deb ... 392s Unpacking libbasicobjects0:arm64 (0.6.2-2) ... 392s Selecting previously unselected package libcollection4:arm64. 392s Preparing to unpack .../34-libcollection4_0.6.2-2_arm64.deb ... 392s Unpacking libcollection4:arm64 (0.6.2-2) ... 392s Selecting previously unselected package libpath-utils1:arm64. 392s Preparing to unpack .../35-libpath-utils1_0.6.2-2_arm64.deb ... 392s Unpacking libpath-utils1:arm64 (0.6.2-2) ... 392s Selecting previously unselected package libref-array1:arm64. 392s Preparing to unpack .../36-libref-array1_0.6.2-2_arm64.deb ... 392s Unpacking libref-array1:arm64 (0.6.2-2) ... 392s Selecting previously unselected package libini-config5:arm64. 392s Preparing to unpack .../37-libini-config5_0.6.2-2_arm64.deb ... 392s Unpacking libini-config5:arm64 (0.6.2-2) ... 392s Selecting previously unselected package libsss-certmap0. 392s Preparing to unpack .../38-libsss-certmap0_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libsss-idmap0. 392s Preparing to unpack .../39-libsss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libsss-nss-idmap0. 392s Preparing to unpack .../40-libsss-nss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-common. 392s Preparing to unpack .../41-sssd-common_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-common (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-idp. 392s Preparing to unpack .../42-sssd-idp_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-idp (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-passkey. 392s Preparing to unpack .../43-sssd-passkey_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-passkey (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-ad-common. 392s Preparing to unpack .../44-sssd-ad-common_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-krb5-common. 392s Preparing to unpack .../45-sssd-krb5-common_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libsmbclient:arm64. 392s Preparing to unpack .../46-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 392s Unpacking libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 392s Selecting previously unselected package sssd-ad. 392s Preparing to unpack .../47-sssd-ad_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libipa-hbac0. 392s Preparing to unpack .../48-libipa-hbac0_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-ipa. 392s Preparing to unpack .../49-sssd-ipa_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-krb5. 392s Preparing to unpack .../50-sssd-krb5_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-ldap. 392s Preparing to unpack .../51-sssd-ldap_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-proxy. 392s Preparing to unpack .../52-sssd-proxy_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd. 392s Preparing to unpack .../53-sssd_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-dbus. 392s Preparing to unpack .../54-sssd-dbus_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-dbus (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-kcm. 392s Preparing to unpack .../55-sssd-kcm_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-kcm (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package sssd-tools. 392s Preparing to unpack .../56-sssd-tools_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking sssd-tools (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libipa-hbac-dev. 392s Preparing to unpack .../57-libipa-hbac-dev_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libipa-hbac-dev (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libsss-certmap-dev. 392s Preparing to unpack .../58-libsss-certmap-dev_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libsss-certmap-dev (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libsss-idmap-dev. 392s Preparing to unpack .../59-libsss-idmap-dev_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libsss-idmap-dev (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libsss-nss-idmap-dev. 392s Preparing to unpack .../60-libsss-nss-idmap-dev_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package libsss-sudo. 392s Preparing to unpack .../61-libsss-sudo_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking libsss-sudo (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package python3-libipa-hbac. 392s Preparing to unpack .../62-python3-libipa-hbac_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking python3-libipa-hbac (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package python3-libsss-nss-idmap. 392s Preparing to unpack .../63-python3-libsss-nss-idmap_2.9.4-1ubuntu1_arm64.deb ... 392s Unpacking python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 392s Selecting previously unselected package autopkgtest-satdep. 392s Preparing to unpack .../64-1-autopkgtest-satdep.deb ... 392s Unpacking autopkgtest-satdep (0) ... 392s Setting up libpwquality-common (1.4.5-3) ... 392s Setting up libpath-utils1:arm64 (0.6.2-2) ... 392s Setting up libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 392s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 392s Setting up libbasicobjects0:arm64 (0.6.2-2) ... 392s Setting up libsss-idmap-dev (2.9.4-1ubuntu1) ... 392s Setting up libtdb1:arm64 (1.4.10-1) ... 392s Setting up libc-ares2:arm64 (1.27.0-1) ... 392s Setting up ldap-utils (2.6.7+dfsg-1~exp1ubuntu1) ... 392s Setting up libjose0:arm64 (11-3) ... 392s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 392s Setting up libtalloc2:arm64 (2.4.2-1) ... 392s Setting up libdhash1:arm64 (0.6.2-2) ... 392s Setting up libtevent0:arm64 (0.16.1-1) ... 392s Setting up libavahi-common-data:arm64 (0.8-13ubuntu2) ... 392s Setting up libevent-2.1-7:arm64 (2.1.12-stable-9) ... 392s Setting up libtcl8.6:arm64 (8.6.13+dfsg-2) ... 392s Setting up libltdl7:arm64 (2.4.7-7) ... 392s Setting up libcrack2:arm64 (2.9.6-5.1) ... 392s Setting up libcollection4:arm64 (0.6.2-2) ... 392s Setting up libodbc2:arm64 (2.3.12-1) ... 392s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 392s Setting up python3-libipa-hbac (2.9.4-1ubuntu1) ... 392s Setting up libref-array1:arm64 (0.6.2-2) ... 392s Setting up libnss-sudo (1.9.15p5-3ubuntu1) ... 392s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 392s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 392s Setting up libnss-sss:arm64 (2.9.4-1ubuntu1) ... 392s Setting up slapd (2.6.7+dfsg-1~exp1ubuntu1) ... 393s Creating new user openldap... done. 393s Creating initial configuration... done. 393s Creating LDAP directory... done. 393s Setting up tcl8.6 (8.6.13+dfsg-2) ... 393s Setting up libsss-sudo (2.9.4-1ubuntu1) ... 393s Setting up libsss-nss-idmap-dev (2.9.4-1ubuntu1) ... 393s Setting up libipa-hbac-dev (2.9.4-1ubuntu1) ... 393s Setting up libini-config5:arm64 (0.6.2-2) ... 393s Setting up libavahi-common3:arm64 (0.8-13ubuntu2) ... 393s Setting up tcl-expect:arm64 (5.45.4-2build1) ... 393s Setting up python3-sss (2.9.4-1ubuntu1) ... 393s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 393s Setting up libpwquality1:arm64 (1.4.5-3) ... 393s Setting up python3-libsss-nss-idmap (2.9.4-1ubuntu1) ... 393s Setting up libavahi-client3:arm64 (0.8-13ubuntu2) ... 393s Setting up expect (5.45.4-2build1) ... 393s Setting up libpam-pwquality:arm64 (1.4.5-3) ... 394s Setting up samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 394s Setting up libsss-certmap-dev (2.9.4-1ubuntu1) ... 394s Setting up libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 394s Setting up libpam-sss:arm64 (2.9.4-1ubuntu1) ... 394s Setting up sssd-common (2.9.4-1ubuntu1) ... 394s Creating SSSD system user & group... 394s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 394s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 394s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 394s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 394s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 394s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 395s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 395s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 395s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 395s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 395s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 396s sssd-autofs.service is a disabled or a static unit, not starting it. 396s sssd-nss.service is a disabled or a static unit, not starting it. 396s sssd-pam.service is a disabled or a static unit, not starting it. 396s sssd-ssh.service is a disabled or a static unit, not starting it. 396s sssd-sudo.service is a disabled or a static unit, not starting it. 396s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 396s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 396s Setting up sssd-kcm (2.9.4-1ubuntu1) ... 396s Created symlink /etc/systemd/system/sockets.target.wants/sssd-kcm.socket → /usr/lib/systemd/system/sssd-kcm.socket. 396s sssd-kcm.service is a disabled or a static unit, not starting it. 396s Setting up sssd-dbus (2.9.4-1ubuntu1) ... 397s sssd-ifp.service is a disabled or a static unit, not starting it. 397s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 397s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 397s sssd-pac.service is a disabled or a static unit, not starting it. 397s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 397s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 397s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 397s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 397s Setting up sssd-ad (2.9.4-1ubuntu1) ... 397s Setting up sssd-tools (2.9.4-1ubuntu1) ... 397s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 397s Setting up sssd (2.9.4-1ubuntu1) ... 397s Setting up libverto-libevent1:arm64 (0.3.1-1ubuntu5) ... 397s Setting up libverto1:arm64 (0.3.1-1ubuntu5) ... 397s Setting up libkrad0:arm64 (1.20.1-5build1) ... 397s Setting up sssd-passkey (2.9.4-1ubuntu1) ... 397s Setting up sssd-idp (2.9.4-1ubuntu1) ... 397s Setting up autopkgtest-satdep (0) ... 397s Processing triggers for libc-bin (2.39-0ubuntu2) ... 397s Processing triggers for ufw (0.36.2-5) ... 397s Processing triggers for man-db (2.12.0-3) ... 398s Processing triggers for dbus (1.14.10-4ubuntu1) ... 408s (Reading database ... 77137 files and directories currently installed.) 408s Removing autopkgtest-satdep (0) ... 408s autopkgtest [18:27:56]: test ldap-user-group-ldap-auth: [----------------------- 408s + . debian/tests/util 408s + . debian/tests/common-tests 408s + mydomain=example.com 408s + myhostname=ldap.example.com 408s + mysuffix=dc=example,dc=com 408s + admin_dn=cn=admin,dc=example,dc=com 408s + admin_pw=secret 408s + ldap_user=testuser1 408s + ldap_user_pw=testuser1secret 408s + ldap_group=ldapusers 408s + adjust_hostname ldap.example.com 408s + local myhostname=ldap.example.com 408s + echo ldap.example.com 408s + hostname ldap.example.com 408s + grep -qE ldap.example.com /etc/hosts 408s + echo 127.0.1.10 ldap.example.com 408s + reconfigure_slapd 408s + debconf-set-selections 408s + rm -rf /var/backups/*slapd* /var/backups/unknown*ldapdb 408s + dpkg-reconfigure -fnoninteractive -pcritical slapd 409s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 409s Moving old database directory to /var/backups: 409s - directory unknown... done. 409s Creating initial configuration... done. 409s Creating LDAP directory... done. 409s + generate_certs ldap.example.com 409s + local cn=ldap.example.com 409s + local cert=/etc/ldap/server.pem 409s + local key=/etc/ldap/server.key 409s + local cnf=/etc/ldap/openssl.cnf 409s + cat 409s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 409s ..........++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 409s ..................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 409s ----- 409s + chmod 0640 /etc/ldap/server.key 409s + chgrp openldap /etc/ldap/server.key 409s + [ ! -f /etc/ldap/server.pem ] 409s + [ ! -f /etc/ldap/server.key ] 409s + enable_ldap_ssl 409s + cat 409s + cat+ ldapmodify -H ldapi:/// -Y EXTERNAL -Q 409s 409s + populate_ldap_rfc2307 409s + cat 409s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 409s modifying entry "cn=config" 409s 409s adding new entry "ou=People,dc=example,dc=com" 409s 409s adding new entry "ou=Group,dc=example,dc=com" 409s 409s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 409s 409s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 409s 409s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 409s 409s + configure_sssd_ldap_rfc2307 409s + cat 409s + chmod 0600 /etc/sssd/sssd.conf 409s + systemctl restart sssd 409s + enable_pam_mkhomedir 409s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 409s + echo session optional pam_mkhomedir.so 409s + run_common_tests 409s + echo Assert local user databases do not have our LDAP test data 409s + check_local_user testuser1Assert local user databases do not have our LDAP test data 409s The LDAP user is known to the system via getent 409s The LDAP user's private group is known to the system via getent 409s 409s + local local_user=testuser1 409s + grep -q ^testuser1 /etc/passwd 409s + check_local_group testuser1 409s + local local_group=testuser1 409s + grep -q ^testuser1 /etc/group 409s + check_local_group ldapusers 409s + local local_group=ldapusers 409s + grep -q ^ldapusers /etc/group 409s + echo The LDAP user is known to the system via getent 409s + check_getent_user testuser1 409s + local getent_user=testuser1 409s + local output 409s + getent passwd testuser1 409s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 409s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 409s + echo The LDAP user's private group is known to the system via getent 409s + check_getent_group testuser1 409s + local getent_group=testuser1 409s + local output 409s + getent group testuser1 410s The LDAP group ldapusers is known to the system via getent 410s + output=testuser1:*:10001:testuser1 410s + [ -z testuser1:*:10001:testuser1 ] 410s + echo The LDAP group ldapusers is known to the system via getent 410s + check_getent_group ldapusers 410s + local getent_group=ldapusers 410s + local output 410s + getent group ldapusers 410s + output=ldapusers:*:10100:testuser1 410s + [ -z ldapusers:*:10100:testuser1 ] 410s + The id(1) command can resolve the group membership of the LDAP user 410s echo The id(1) command can resolve the group membership of the LDAP user 410s + idThe LDAP user can login on a terminal 410s -Gn testuser1 410s + output=testuser1 ldapusers 410s + [ testuser1 ldapusers != testuser1 ldapusers ] 410s + echo The LDAP user can login on a terminal 410s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1secret 410s spawn login 410s ldap.example.com login: testuser1 410s Password: 410s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic aarch64) 410s 410s * Documentation: https://help.ubuntu.com 410s * Management: https://landscape.canonical.com 410s * Support: https://ubuntu.com/pro 410s 410s 410s The programs included with the Ubuntu system are free software; 410s the exact distribution terms for each program are described in the 410s individual files in /usr/share/doc/*/copyright. 410s 410s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 410s applicable law. 410s 410s 410s The programs included with the Ubuntu system are free software; 410s the exact distribution terms for each program are described in the 410s individual files in /usr/share/doc/*/copyright. 410s 410s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 410s applicable law. 410s 410s Creating directory '/home/testuser1'. 410s [?2004htestuser1@ldap:~$ id -un 410s [?2004l testuser1 410s [?2004htestuser1@ldap:~$ autopkgtest [18:27:58]: test ldap-user-group-ldap-auth: -----------------------] 411s autopkgtest [18:27:59]: test ldap-user-group-ldap-auth: - - - - - - - - - - results - - - - - - - - - - 411s ldap-user-group-ldap-auth PASS 411s autopkgtest [18:27:59]: test ldap-user-group-krb5-auth: preparing testbed 420s Reading package lists... 420s Building dependency tree... 420s Reading state information... 420s Starting pkgProblemResolver with broken count: 0 420s Starting 2 pkgProblemResolver with broken count: 0 420s Done 421s The following additional packages will be installed: 421s krb5-admin-server krb5-config krb5-kdc krb5-user libgssrpc4 421s libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 421s Suggested packages: 421s krb5-kdc-ldap krb5-kpropd krb5-k5tls krb5-doc 421s The following NEW packages will be installed: 421s autopkgtest-satdep krb5-admin-server krb5-config krb5-kdc krb5-user 421s libgssrpc4 libkadm5clnt-mit12 libkadm5srv-mit12 libkdb5-10 421s 0 upgraded, 9 newly installed, 0 to remove and 0 not upgraded. 421s Need to get 594 kB/595 kB of archives. 421s After this operation, 2907 kB of additional disk space will be used. 421s Get:1 /tmp/autopkgtest.YVHgdk/2-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [884 B] 421s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 krb5-config all 2.7 [22.0 kB] 421s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libgssrpc4 arm64 1.20.1-5build1 [57.4 kB] 421s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 libkadm5clnt-mit12 arm64 1.20.1-5build1 [39.9 kB] 421s Get:5 http://ftpmaster.internal/ubuntu noble/main arm64 libkdb5-10 arm64 1.20.1-5build1 [39.8 kB] 421s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 libkadm5srv-mit12 arm64 1.20.1-5build1 [53.2 kB] 421s Get:7 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-user arm64 1.20.1-5build1 [108 kB] 421s Get:8 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-kdc arm64 1.20.1-5build1 [180 kB] 422s Get:9 http://ftpmaster.internal/ubuntu noble/universe arm64 krb5-admin-server arm64 1.20.1-5build1 [94.6 kB] 422s Preconfiguring packages ... 422s Fetched 594 kB in 1s (785 kB/s) 422s Selecting previously unselected package krb5-config. 422s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 77137 files and directories currently installed.) 422s Preparing to unpack .../0-krb5-config_2.7_all.deb ... 422s Unpacking krb5-config (2.7) ... 422s Selecting previously unselected package libgssrpc4:arm64. 422s Preparing to unpack .../1-libgssrpc4_1.20.1-5build1_arm64.deb ... 422s Unpacking libgssrpc4:arm64 (1.20.1-5build1) ... 422s Selecting previously unselected package libkadm5clnt-mit12:arm64. 422s Preparing to unpack .../2-libkadm5clnt-mit12_1.20.1-5build1_arm64.deb ... 422s Unpacking libkadm5clnt-mit12:arm64 (1.20.1-5build1) ... 422s Selecting previously unselected package libkdb5-10:arm64. 422s Preparing to unpack .../3-libkdb5-10_1.20.1-5build1_arm64.deb ... 422s Unpacking libkdb5-10:arm64 (1.20.1-5build1) ... 422s Selecting previously unselected package libkadm5srv-mit12:arm64. 422s Preparing to unpack .../4-libkadm5srv-mit12_1.20.1-5build1_arm64.deb ... 422s Unpacking libkadm5srv-mit12:arm64 (1.20.1-5build1) ... 422s Selecting previously unselected package krb5-user. 422s Preparing to unpack .../5-krb5-user_1.20.1-5build1_arm64.deb ... 422s Unpacking krb5-user (1.20.1-5build1) ... 422s Selecting previously unselected package krb5-kdc. 422s Preparing to unpack .../6-krb5-kdc_1.20.1-5build1_arm64.deb ... 422s Unpacking krb5-kdc (1.20.1-5build1) ... 422s Selecting previously unselected package krb5-admin-server. 422s Preparing to unpack .../7-krb5-admin-server_1.20.1-5build1_arm64.deb ... 422s Unpacking krb5-admin-server (1.20.1-5build1) ... 422s Selecting previously unselected package autopkgtest-satdep. 422s Preparing to unpack .../8-2-autopkgtest-satdep.deb ... 422s Unpacking autopkgtest-satdep (0) ... 422s Setting up libgssrpc4:arm64 (1.20.1-5build1) ... 422s Setting up krb5-config (2.7) ... 423s Setting up libkadm5clnt-mit12:arm64 (1.20.1-5build1) ... 423s Setting up libkdb5-10:arm64 (1.20.1-5build1) ... 423s Setting up libkadm5srv-mit12:arm64 (1.20.1-5build1) ... 423s Setting up krb5-user (1.20.1-5build1) ... 423s update-alternatives: using /usr/bin/kinit.mit to provide /usr/bin/kinit (kinit) in auto mode 423s update-alternatives: using /usr/bin/klist.mit to provide /usr/bin/klist (klist) in auto mode 423s update-alternatives: using /usr/bin/kswitch.mit to provide /usr/bin/kswitch (kswitch) in auto mode 423s update-alternatives: using /usr/bin/ksu.mit to provide /usr/bin/ksu (ksu) in auto mode 423s update-alternatives: using /usr/bin/kpasswd.mit to provide /usr/bin/kpasswd (kpasswd) in auto mode 423s update-alternatives: using /usr/bin/kdestroy.mit to provide /usr/bin/kdestroy (kdestroy) in auto mode 423s update-alternatives: using /usr/bin/kadmin.mit to provide /usr/bin/kadmin (kadmin) in auto mode 423s update-alternatives: using /usr/bin/ktutil.mit to provide /usr/bin/ktutil (ktutil) in auto mode 423s Setting up krb5-kdc (1.20.1-5build1) ... 423s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-kdc.service → /usr/lib/systemd/system/krb5-kdc.service. 423s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 423s Setting up krb5-admin-server (1.20.1-5build1) ... 424s Created symlink /etc/systemd/system/multi-user.target.wants/krb5-admin-server.service → /usr/lib/systemd/system/krb5-admin-server.service. 424s Setting up autopkgtest-satdep (0) ... 424s Processing triggers for man-db (2.12.0-3) ... 425s Processing triggers for libc-bin (2.39-0ubuntu2) ... 432s (Reading database ... 77230 files and directories currently installed.) 432s Removing autopkgtest-satdep (0) ... 433s autopkgtest [18:28:21]: test ldap-user-group-krb5-auth: [----------------------- 433s + . debian/tests/util 433s + . debian/tests/common-tests 433s + mydomain=example.com 433s + myhostname=ldap.example.com 433s + mysuffix=dc=example,dc=com 433s + myrealm=EXAMPLE.COM 433s + admin_dn=cn=admin,dc=example,dc=com 433s + admin_pw=secret 433s + ldap_user=testuser1 433s + ldap_user_pw=testuser1secret 433s + kerberos_principal_pw=testuser1kerberos 433s + ldap_group=ldapusers 433s + adjust_hostname ldap.example.com 433s + local myhostname=ldap.example.com 433s + echo ldap.example.com 433s + hostname ldap.example.com 433s + grep -qE ldap.example.com /etc/hosts 433s + reconfigure_slapd 433s + debconf-set-selections 433s + rm -rf /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1 /var/backups/unknown-2.6.7+dfsg-1~exp1ubuntu1-20240320-182757.ldapdb 433s + dpkg-reconfigure -fnoninteractive -pcritical slapd 434s Backing up /etc/ldap/slapd.d in /var/backups/slapd-2.6.7+dfsg-1~exp1ubuntu1... done. 434s Moving old database directory to /var/backups: 434s - directory unknown... done. 434s Creating initial configuration... done. 434s Creating LDAP directory... done. 434s + generate_certs ldap.example.com 434s + local cn=ldap.example.com 434s + local cert=/etc/ldap/server.pem 434s + local key=/etc/ldap/server.key 434s + local cnf=/etc/ldap/openssl.cnf 434s + cat 434s + openssl req -new -x509 -nodes -out /etc/ldap/server.pem -keyout /etc/ldap/server.key -config /etc/ldap/openssl.cnf 434s .........................++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 434s .+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++modifying entry "cn=config" 434s 434s adding new entry "ou=People,dc=example,dc=com" 434s 434s adding new entry "ou=Group,dc=example,dc=com" 434s 434s adding new entry "uid=testuser1,ou=People,dc=example,dc=com" 434s 434s adding new entry "cn=testuser1,ou=Group,dc=example,dc=com" 434s 434s adding new entry "cn=ldapusers,ou=Group,dc=example,dc=com" 434s 434s +++++ 434s ----- 434s + chmod 0640 /etc/ldap/server.key 434s + chgrp openldap /etc/ldap/server.key 434s + [ ! -f /etc/ldap/server.pem ] 434s + [ ! -f /etc/ldap/server.key ] 434s + enable_ldap_ssl 434s + cat 434s + cat 434s + ldapmodify -H ldapi:/// -Y EXTERNAL -Q 434s + populate_ldap_rfc2307 434s + cat 434s + ldapadd -x -D cn=admin,dc=example,dc=com -w secret 434s + create_realm EXAMPLE.COM ldap.example.com 434s + local realm_name=EXAMPLE.COM 434s + local kerberos_server=ldap.example.com 434s + rm -rf /var/lib/krb5kdc/* 434s + rm -rf /etc/krb5kdc/kdc.conf 434s + rm -f /etc/krb5.keytab 434s + cat 434s + cat 434s + echo # */admin * 434s + Initializing database '/var/lib/krb5kdc/principal' for realm 'EXAMPLE.COM', 434s master key name 'K/M@EXAMPLE.COM' 434s kdb5_util create -s -P secretpassword 434s + systemctl restart krb5-kdc.service krb5-admin-server.service 434s + create_krb_principal testuser1 testuser1kerberos 434s + local principal=testuser1 434s + local password=testuser1kerberos 434s + kadmin.local -q addprinc -pw testuser1kerberos testuser1 434s No policy specified for testuser1@EXAMPLE.COM; defaulting to no policy 434s Authenticating as principal root/admin@EXAMPLE.COM with password. 434s Principal "testuser1@EXAMPLE.COM" created. 434s + configure_sssd_ldap_rfc2307_krb5_auth 434s + cat 434s + chmod 0600 /etc/sssd/sssd.conf 434s + systemctl restart sssd 434s + enable_pam_mkhomedir 434s + grep -qE ^session.*pam_mkhomedir\.so /etc/pam.d/common-session 434s + run_common_tests 434s + echo Assert local user databases do not have our LDAP test data 434s + check_local_user testuser1 434s + local local_user=testuser1 434s + grep -q ^testuser1 /etc/passwd 434s Assert local user databases do not have our LDAP test data 434s + check_local_group testuser1 434s + local local_group=testuser1 434s + grep -q ^testuser1 /etc/group 434s + check_local_group ldapusers 434s + local local_group=ldapusers 434s + grep -q ^ldapusers /etc/group 434s + echo The LDAP user is known to the system via getent 434s + check_getent_user testuser1 434s + local getent_user=testuser1 434s + local output 434s + getent passwd testuser1 434s The LDAP user is known to the system via getent 434s The LDAP user's private group is known to the system via getent 434s + output=testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash 434s + [ -z testuser1:*:10001:10001:testuser1:/home/testuser1:/bin/bash ] 434s + echo The LDAP user's private group is known to the system via getent 434s + check_getent_group testuser1 434s + local getent_group=testuser1 434s + local output 434s + getent group testuser1 435s The LDAP group ldapusers is known to the system via getent 435s + output=testuser1:*:10001:testuser1 435s + [ -z testuser1:*:10001:testuser1 ] 435s + echo The LDAP group ldapusers is known to the system via getent 435s + check_getent_group ldapusers 435s + local getent_group=ldapusers 435s + local output 435s + getent group ldapusers 435s The id(1) command can resolve the group membership of the LDAP user 435s + output=ldapusers:*:10100:testuser1 435s + [ -z ldapusers:*:10100:testuser1 ] 435s + echo The id(1) command can resolve the group membership of the LDAP user 435s + id -Gn testuser1 435s + output=testuser1 ldapusers 435s The Kerberos principal can login on a terminal 435s + [ testuser1 ldapusers != testuser1 ldapusers ] 435s + echo The Kerberos principal can login on a terminal 435s + kdestroy 435s + /usr/bin/expect -f debian/tests/login.exp testuser1 testuser1kerberos testuser1@EXAMPLE.COM 435s spawn login 435s ldap.example.com login: testuser1 435s Password: 435s Welcome to Ubuntu Noble Numbat (development branch) (GNU/Linux 6.8.0-11-generic aarch64) 435s 435s * Documentation: https://help.ubuntu.com 435s * Management: https://landscape.canonical.com 435s * Support: https://ubuntu.com/pro 435s 435s 435s The programs included with the Ubuntu system are free software; 435s the exact distribution terms for each program are described in the 435s individual files in /usr/share/doc/*/copyright. 435s 435s Ubuntu comes with ABSOLUTELY NO WARRANTY, to the extent permitted by 435s applicable law. 435s 435s Last login: Wed Mar 20 18:27:58 UTC 2024 on pts/0 435s [?2004htestuser1@ldap:~$ id -un 435s [?2004l testuser1 435s [?2004htestuser1@ldap:~$ klist 435s [?2004l Ticket cache: FILE:/tmp/krb5cc_10001_d6Q9sW 435s Default principal: testuser1@EXAMPLE.COMautopkgtest [18:28:23]: test ldap-user-group-krb5-auth: -----------------------] 436s autopkgtest [18:28:24]: test ldap-user-group-krb5-auth: - - - - - - - - - - results - - - - - - - - - - 436s ldap-user-group-krb5-auth PASS 436s autopkgtest [18:28:24]: test sssd-softhism2-certificates-tests.sh: preparing testbed 551s autopkgtest [18:30:19]: testbed dpkg architecture: arm64 551s autopkgtest [18:30:19]: testbed apt version: 2.7.12 551s autopkgtest [18:30:19]: @@@@@@@@@@@@@@@@@@@@ test bed setup 552s Get:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease [117 kB] 555s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/restricted Sources [6540 B] 555s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/multiverse Sources [53.9 kB] 555s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/universe Sources [3809 kB] 555s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main Sources [501 kB] 555s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 Packages [690 kB] 555s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 c-n-f Metadata [3144 B] 555s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 Packages [41.7 kB] 555s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/restricted arm64 c-n-f Metadata [116 B] 555s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 Packages [4224 kB] 555s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/universe arm64 c-n-f Metadata [8528 B] 555s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 Packages [67.6 kB] 555s Get:13 http://ftpmaster.internal/ubuntu noble-proposed/multiverse arm64 c-n-f Metadata [116 B] 558s Fetched 9523 kB in 3s (3626 kB/s) 559s Reading package lists... 562s Reading package lists... 563s Building dependency tree... 563s Reading state information... 563s Calculating upgrade... 564s The following packages will be REMOVED: 564s libssl3 564s The following NEW packages will be installed: 564s libssl3t64 564s The following packages will be upgraded: 564s libnss-systemd libpam-systemd libsystemd-shared libsystemd0 libudev1 systemd 564s systemd-dev systemd-resolved systemd-sysv systemd-timesyncd ubuntu-minimal 564s ubuntu-standard udev 564s 13 upgraded, 1 newly installed, 1 to remove and 0 not upgraded. 564s Need to get 10.5 MB of archives. 564s After this operation, 98.3 kB of additional disk space will be used. 564s Get:1 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd-resolved arm64 255.4-1ubuntu5 [291 kB] 564s Get:2 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libnss-systemd arm64 255.4-1ubuntu5 [154 kB] 564s Get:3 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd-dev all 255.4-1ubuntu5 [103 kB] 564s Get:4 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libssl3t64 arm64 3.0.13-0ubuntu2 [1793 kB] 564s Get:5 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd arm64 255.4-1ubuntu5 [3403 kB] 564s Get:6 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 udev arm64 255.4-1ubuntu5 [1852 kB] 565s Get:7 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd-sysv arm64 255.4-1ubuntu5 [11.9 kB] 565s Get:8 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libpam-systemd arm64 255.4-1ubuntu5 [232 kB] 565s Get:9 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 systemd-timesyncd arm64 255.4-1ubuntu5 [34.8 kB] 565s Get:10 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libsystemd-shared arm64 255.4-1ubuntu5 [2016 kB] 565s Get:11 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libudev1 arm64 255.4-1ubuntu5 [173 kB] 565s Get:12 http://ftpmaster.internal/ubuntu noble-proposed/main arm64 libsystemd0 arm64 255.4-1ubuntu5 [424 kB] 565s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 ubuntu-minimal arm64 1.536build1 [10.7 kB] 565s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 ubuntu-standard arm64 1.536build1 [10.7 kB] 565s Fetched 10.5 MB in 1s (11.6 MB/s) 565s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75850 files and directories currently installed.) 565s Preparing to unpack .../systemd-resolved_255.4-1ubuntu5_arm64.deb ... 565s Unpacking systemd-resolved (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Preparing to unpack .../libnss-systemd_255.4-1ubuntu5_arm64.deb ... 570s Unpacking libnss-systemd:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Preparing to unpack .../systemd-dev_255.4-1ubuntu5_all.deb ... 570s Unpacking systemd-dev (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s dpkg: libssl3:arm64: dependency problems, but removing anyway as you requested: 570s wget depends on libssl3 (>= 3.0.0). 570s u-boot-tools depends on libssl3 (>= 3.0.0). 570s tnftp depends on libssl3 (>= 3.0.0). 570s tcpdump depends on libssl3 (>= 3.0.0). 570s systemd depends on libssl3 (>= 3.0.0). 570s sudo depends on libssl3 (>= 3.0.0). 570s sbsigntool depends on libssl3 (>= 3.0.0). 570s rsync depends on libssl3 (>= 3.0.0). 570s python3-cryptography depends on libssl3 (>= 3.0.0). 570s openssl depends on libssl3 (>= 3.0.9). 570s openssh-server depends on libssl3 (>= 3.0.10). 570s openssh-client depends on libssl3 (>= 3.0.10). 570s mtd-utils depends on libssl3 (>= 3.0.0). 570s mokutil depends on libssl3 (>= 3.0.0). 570s linux-headers-6.8.0-11-generic depends on libssl3 (>= 3.0.0). 570s libsystemd-shared:arm64 depends on libssl3 (>= 3.0.0). 570s libssh-4:arm64 depends on libssl3 (>= 3.0.0). 570s libsasl2-modules:arm64 depends on libssl3 (>= 3.0.0). 570s libsasl2-2:arm64 depends on libssl3 (>= 3.0.0). 570s libpython3.12-minimal:arm64 depends on libssl3 (>= 3.0.0). 570s libpython3.11-minimal:arm64 depends on libssl3 (>= 3.0.0). 570s libnvme1 depends on libssl3 (>= 3.0.0). 570s libkrb5-3:arm64 depends on libssl3 (>= 3.0.0). 570s libkmod2:arm64 depends on libssl3 (>= 3.0.0). 570s libfido2-1:arm64 depends on libssl3 (>= 3.0.0). 570s libcurl4:arm64 depends on libssl3 (>= 3.0.0). 570s libcryptsetup12:arm64 depends on libssl3 (>= 3.0.0). 570s kmod depends on libssl3 (>= 3.0.0). 570s dhcpcd-base depends on libssl3 (>= 3.0.0). 570s bind9-libs:arm64 depends on libssl3 (>= 3.0.0). 570s 570s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75850 files and directories currently installed.) 570s Removing libssl3:arm64 (3.0.10-1ubuntu4) ... 570s Selecting previously unselected package libssl3t64:arm64. 570s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75839 files and directories currently installed.) 570s Preparing to unpack .../libssl3t64_3.0.13-0ubuntu2_arm64.deb ... 570s Unpacking libssl3t64:arm64 (3.0.13-0ubuntu2) ... 570s Setting up libssl3t64:arm64 (3.0.13-0ubuntu2) ... 570s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 570s Preparing to unpack .../systemd_255.4-1ubuntu5_arm64.deb ... 570s Unpacking systemd (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Preparing to unpack .../udev_255.4-1ubuntu5_arm64.deb ... 570s Unpacking udev (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Preparing to unpack .../libsystemd-shared_255.4-1ubuntu5_arm64.deb ... 570s Unpacking libsystemd-shared:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Setting up libsystemd-shared:arm64 (255.4-1ubuntu5) ... 570s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 570s Preparing to unpack .../libsystemd0_255.4-1ubuntu5_arm64.deb ... 570s Unpacking libsystemd0:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Setting up libsystemd0:arm64 (255.4-1ubuntu5) ... 570s Setting up systemd-dev (255.4-1ubuntu5) ... 570s Setting up systemd (255.4-1ubuntu5) ... 570s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 570s Preparing to unpack .../systemd-sysv_255.4-1ubuntu5_arm64.deb ... 570s Unpacking systemd-sysv (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Preparing to unpack .../libpam-systemd_255.4-1ubuntu5_arm64.deb ... 570s Unpacking libpam-systemd:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Preparing to unpack .../systemd-timesyncd_255.4-1ubuntu5_arm64.deb ... 570s Unpacking systemd-timesyncd (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Preparing to unpack .../libudev1_255.4-1ubuntu5_arm64.deb ... 570s Unpacking libudev1:arm64 (255.4-1ubuntu5) over (255.2-3ubuntu2) ... 570s Setting up libudev1:arm64 (255.4-1ubuntu5) ... 570s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 570s Preparing to unpack .../ubuntu-minimal_1.536build1_arm64.deb ... 570s Unpacking ubuntu-minimal (1.536build1) over (1.536) ... 570s Preparing to unpack .../ubuntu-standard_1.536build1_arm64.deb ... 570s Unpacking ubuntu-standard (1.536build1) over (1.536) ... 570s Setting up systemd-sysv (255.4-1ubuntu5) ... 570s Setting up libnss-systemd:arm64 (255.4-1ubuntu5) ... 570s Setting up systemd-timesyncd (255.4-1ubuntu5) ... 570s Setting up udev (255.4-1ubuntu5) ... 572s Setting up libpam-systemd:arm64 (255.4-1ubuntu5) ... 572s Setting up systemd-resolved (255.4-1ubuntu5) ... 573s Setting up ubuntu-minimal (1.536build1) ... 573s Setting up ubuntu-standard (1.536build1) ... 573s Processing triggers for dbus (1.14.10-4ubuntu1) ... 573s Processing triggers for initramfs-tools (0.142ubuntu20) ... 573s update-initramfs: Generating /boot/initrd.img-6.8.0-11-generic 573s W: No lz4 in /usr/bin:/sbin:/bin, using gzip 592s System running in EFI mode, skipping. 592s Processing triggers for libc-bin (2.39-0ubuntu2) ... 592s Processing triggers for man-db (2.12.0-3) ... 594s Reading package lists... 594s Building dependency tree... 594s Reading state information... 595s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 598s Hit:1 http://ftpmaster.internal/ubuntu noble-proposed InRelease 598s Hit:2 http://ftpmaster.internal/ubuntu noble InRelease 598s Hit:3 http://ftpmaster.internal/ubuntu noble-updates InRelease 598s Hit:4 http://ftpmaster.internal/ubuntu noble-security InRelease 598s Reading package lists... 598s Reading package lists... 599s Building dependency tree... 599s Reading state information... 600s Calculating upgrade... 600s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 600s Reading package lists... 601s Building dependency tree... 601s Reading state information... 602s 0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded. 602s autopkgtest [18:31:10]: rebooting testbed after setup commands that affected boot 756s autopkgtest-virt-ssh: WARNING: ssh connection failed. Retrying in 3 seconds... 776s Reading package lists... 776s Building dependency tree... 776s Reading state information... 777s Starting pkgProblemResolver with broken count: 0 777s Starting 2 pkgProblemResolver with broken count: 0 777s Done 778s The following additional packages will be installed: 778s gnutls-bin libavahi-client3 libavahi-common-data libavahi-common3 778s libbasicobjects0 libc-ares2 libcollection4 libcrack2 libdhash1 778s libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 778s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 778s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 778s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 778s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 778s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 778s sssd-krb5-common sssd-ldap sssd-proxy 778s Suggested packages: 778s dns-root-data adcli libsss-sudo sssd-tools libsasl2-modules-ldap 778s Recommended packages: 778s cracklib-runtime libsasl2-modules-gssapi-mit 778s | libsasl2-modules-gssapi-heimdal ldap-utils 778s The following NEW packages will be installed: 778s autopkgtest-satdep gnutls-bin libavahi-client3 libavahi-common-data 778s libavahi-common3 libbasicobjects0 libc-ares2 libcollection4 libcrack2 778s libdhash1 libevent-2.1-7 libgnutls-dane0 libini-config5 libipa-hbac0 libldb2 778s libnfsidmap1 libnss-sss libpam-pwquality libpam-sss libpath-utils1 778s libpwquality-common libpwquality1 libref-array1 libsmbclient libsofthsm2 778s libsss-certmap0 libsss-idmap0 libsss-nss-idmap0 libtalloc2 libtdb1 778s libtevent0 libunbound8 libwbclient0 python3-sss samba-libs softhsm2 778s softhsm2-common sssd sssd-ad sssd-ad-common sssd-common sssd-ipa sssd-krb5 778s sssd-krb5-common sssd-ldap sssd-proxy 778s 0 upgraded, 46 newly installed, 0 to remove and 0 not upgraded. 778s Need to get 10.1 MB/10.1 MB of archives. 778s After this operation, 48.6 MB of additional disk space will be used. 778s Get:1 /tmp/autopkgtest.YVHgdk/3-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [748 B] 778s Get:2 http://ftpmaster.internal/ubuntu noble/main arm64 libevent-2.1-7 arm64 2.1.12-stable-9 [138 kB] 778s Get:3 http://ftpmaster.internal/ubuntu noble/main arm64 libunbound8 arm64 1.19.1-1ubuntu1 [423 kB] 778s Get:4 http://ftpmaster.internal/ubuntu noble/main arm64 libgnutls-dane0 arm64 3.8.3-1ubuntu1 [23.3 kB] 778s Get:5 http://ftpmaster.internal/ubuntu noble/universe arm64 gnutls-bin arm64 3.8.3-1ubuntu1 [267 kB] 778s Get:6 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common-data arm64 0.8-13ubuntu2 [29.5 kB] 778s Get:7 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-common3 arm64 0.8-13ubuntu2 [23.2 kB] 778s Get:8 http://ftpmaster.internal/ubuntu noble/main arm64 libavahi-client3 arm64 0.8-13ubuntu2 [27.3 kB] 778s Get:9 http://ftpmaster.internal/ubuntu noble/main arm64 libcrack2 arm64 2.9.6-5.1 [28.7 kB] 778s Get:10 http://ftpmaster.internal/ubuntu noble/main arm64 libtalloc2 arm64 2.4.2-1 [26.6 kB] 778s Get:11 http://ftpmaster.internal/ubuntu noble/main arm64 libtdb1 arm64 1.4.10-1 [48.4 kB] 778s Get:12 http://ftpmaster.internal/ubuntu noble/main arm64 libtevent0 arm64 0.16.1-1 [41.8 kB] 778s Get:13 http://ftpmaster.internal/ubuntu noble/main arm64 libldb2 arm64 2:2.8.0+samba4.19.5+dfsg-1ubuntu1 [187 kB] 778s Get:14 http://ftpmaster.internal/ubuntu noble/main arm64 libnfsidmap1 arm64 1:2.6.3-3ubuntu1 [47.1 kB] 779s Get:15 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality-common all 1.4.5-3 [7658 B] 779s Get:16 http://ftpmaster.internal/ubuntu noble/main arm64 libpwquality1 arm64 1.4.5-3 [13.2 kB] 779s Get:17 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-pwquality arm64 1.4.5-3 [11.6 kB] 779s Get:18 http://ftpmaster.internal/ubuntu noble/main arm64 libwbclient0 arm64 2:4.19.5+dfsg-1ubuntu1 [70.6 kB] 779s Get:19 http://ftpmaster.internal/ubuntu noble/main arm64 samba-libs arm64 2:4.19.5+dfsg-1ubuntu1 [6061 kB] 779s Get:20 http://ftpmaster.internal/ubuntu noble/universe arm64 softhsm2-common arm64 2.6.1-2.2 [5806 B] 779s Get:21 http://ftpmaster.internal/ubuntu noble/universe arm64 libsofthsm2 arm64 2.6.1-2.2 [246 kB] 779s Get:22 http://ftpmaster.internal/ubuntu noble/universe arm64 softhsm2 arm64 2.6.1-2.2 [167 kB] 779s Get:23 http://ftpmaster.internal/ubuntu noble/main arm64 python3-sss arm64 2.9.4-1ubuntu1 [46.5 kB] 779s Get:24 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-idmap0 arm64 2.9.4-1ubuntu1 [21.8 kB] 779s Get:25 http://ftpmaster.internal/ubuntu noble/main arm64 libnss-sss arm64 2.9.4-1ubuntu1 [31.7 kB] 779s Get:26 http://ftpmaster.internal/ubuntu noble/main arm64 libpam-sss arm64 2.9.4-1ubuntu1 [48.8 kB] 779s Get:27 http://ftpmaster.internal/ubuntu noble/main arm64 libc-ares2 arm64 1.27.0-1 [74.1 kB] 779s Get:28 http://ftpmaster.internal/ubuntu noble/main arm64 libdhash1 arm64 0.6.2-2 [8540 B] 779s Get:29 http://ftpmaster.internal/ubuntu noble/main arm64 libbasicobjects0 arm64 0.6.2-2 [5586 B] 779s Get:30 http://ftpmaster.internal/ubuntu noble/main arm64 libcollection4 arm64 0.6.2-2 [23.0 kB] 779s Get:31 http://ftpmaster.internal/ubuntu noble/main arm64 libpath-utils1 arm64 0.6.2-2 [8722 B] 779s Get:32 http://ftpmaster.internal/ubuntu noble/main arm64 libref-array1 arm64 0.6.2-2 [7042 B] 779s Get:33 http://ftpmaster.internal/ubuntu noble/main arm64 libini-config5 arm64 0.6.2-2 [43.7 kB] 779s Get:34 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-certmap0 arm64 2.9.4-1ubuntu1 [45.8 kB] 779s Get:35 http://ftpmaster.internal/ubuntu noble/main arm64 libsss-nss-idmap0 arm64 2.9.4-1ubuntu1 [30.3 kB] 779s Get:36 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-common arm64 2.9.4-1ubuntu1 [1147 kB] 779s Get:37 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad-common arm64 2.9.4-1ubuntu1 [75.4 kB] 779s Get:38 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5-common arm64 2.9.4-1ubuntu1 [87.9 kB] 779s Get:39 http://ftpmaster.internal/ubuntu noble/main arm64 libsmbclient arm64 2:4.19.5+dfsg-1ubuntu1 [62.2 kB] 779s Get:40 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ad arm64 2.9.4-1ubuntu1 [134 kB] 779s Get:41 http://ftpmaster.internal/ubuntu noble/main arm64 libipa-hbac0 arm64 2.9.4-1ubuntu1 [16.7 kB] 779s Get:42 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ipa arm64 2.9.4-1ubuntu1 [220 kB] 779s Get:43 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-krb5 arm64 2.9.4-1ubuntu1 [14.3 kB] 779s Get:44 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-ldap arm64 2.9.4-1ubuntu1 [31.3 kB] 779s Get:45 http://ftpmaster.internal/ubuntu noble/main arm64 sssd-proxy arm64 2.9.4-1ubuntu1 [44.6 kB] 779s Get:46 http://ftpmaster.internal/ubuntu noble/main arm64 sssd arm64 2.9.4-1ubuntu1 [4120 B] 780s Fetched 10.1 MB in 1s (9160 kB/s) 780s Selecting previously unselected package libevent-2.1-7:arm64. 780s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 75852 files and directories currently installed.) 780s Preparing to unpack .../00-libevent-2.1-7_2.1.12-stable-9_arm64.deb ... 780s Unpacking libevent-2.1-7:arm64 (2.1.12-stable-9) ... 780s Selecting previously unselected package libunbound8:arm64. 780s Preparing to unpack .../01-libunbound8_1.19.1-1ubuntu1_arm64.deb ... 780s Unpacking libunbound8:arm64 (1.19.1-1ubuntu1) ... 780s Selecting previously unselected package libgnutls-dane0:arm64. 780s Preparing to unpack .../02-libgnutls-dane0_3.8.3-1ubuntu1_arm64.deb ... 780s Unpacking libgnutls-dane0:arm64 (3.8.3-1ubuntu1) ... 780s Selecting previously unselected package gnutls-bin. 780s Preparing to unpack .../03-gnutls-bin_3.8.3-1ubuntu1_arm64.deb ... 780s Unpacking gnutls-bin (3.8.3-1ubuntu1) ... 780s Selecting previously unselected package libavahi-common-data:arm64. 780s Preparing to unpack .../04-libavahi-common-data_0.8-13ubuntu2_arm64.deb ... 780s Unpacking libavahi-common-data:arm64 (0.8-13ubuntu2) ... 780s Selecting previously unselected package libavahi-common3:arm64. 780s Preparing to unpack .../05-libavahi-common3_0.8-13ubuntu2_arm64.deb ... 780s Unpacking libavahi-common3:arm64 (0.8-13ubuntu2) ... 780s Selecting previously unselected package libavahi-client3:arm64. 780s Preparing to unpack .../06-libavahi-client3_0.8-13ubuntu2_arm64.deb ... 780s Unpacking libavahi-client3:arm64 (0.8-13ubuntu2) ... 780s Selecting previously unselected package libcrack2:arm64. 780s Preparing to unpack .../07-libcrack2_2.9.6-5.1_arm64.deb ... 780s Unpacking libcrack2:arm64 (2.9.6-5.1) ... 780s Selecting previously unselected package libtalloc2:arm64. 780s Preparing to unpack .../08-libtalloc2_2.4.2-1_arm64.deb ... 780s Unpacking libtalloc2:arm64 (2.4.2-1) ... 780s Selecting previously unselected package libtdb1:arm64. 780s Preparing to unpack .../09-libtdb1_1.4.10-1_arm64.deb ... 780s Unpacking libtdb1:arm64 (1.4.10-1) ... 780s Selecting previously unselected package libtevent0:arm64. 780s Preparing to unpack .../10-libtevent0_0.16.1-1_arm64.deb ... 780s Unpacking libtevent0:arm64 (0.16.1-1) ... 780s Selecting previously unselected package libldb2:arm64. 780s Preparing to unpack .../11-libldb2_2%3a2.8.0+samba4.19.5+dfsg-1ubuntu1_arm64.deb ... 780s Unpacking libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 780s Selecting previously unselected package libnfsidmap1:arm64. 780s Preparing to unpack .../12-libnfsidmap1_1%3a2.6.3-3ubuntu1_arm64.deb ... 780s Unpacking libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 780s Selecting previously unselected package libpwquality-common. 780s Preparing to unpack .../13-libpwquality-common_1.4.5-3_all.deb ... 780s Unpacking libpwquality-common (1.4.5-3) ... 780s Selecting previously unselected package libpwquality1:arm64. 780s Preparing to unpack .../14-libpwquality1_1.4.5-3_arm64.deb ... 780s Unpacking libpwquality1:arm64 (1.4.5-3) ... 780s Selecting previously unselected package libpam-pwquality:arm64. 780s Preparing to unpack .../15-libpam-pwquality_1.4.5-3_arm64.deb ... 780s Unpacking libpam-pwquality:arm64 (1.4.5-3) ... 780s Selecting previously unselected package libwbclient0:arm64. 780s Preparing to unpack .../16-libwbclient0_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 780s Unpacking libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 780s Selecting previously unselected package samba-libs:arm64. 780s Preparing to unpack .../17-samba-libs_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 780s Unpacking samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 781s Selecting previously unselected package softhsm2-common. 781s Preparing to unpack .../18-softhsm2-common_2.6.1-2.2_arm64.deb ... 781s Unpacking softhsm2-common (2.6.1-2.2) ... 781s Selecting previously unselected package libsofthsm2. 781s Preparing to unpack .../19-libsofthsm2_2.6.1-2.2_arm64.deb ... 781s Unpacking libsofthsm2 (2.6.1-2.2) ... 781s Selecting previously unselected package softhsm2. 781s Preparing to unpack .../20-softhsm2_2.6.1-2.2_arm64.deb ... 781s Unpacking softhsm2 (2.6.1-2.2) ... 781s Selecting previously unselected package python3-sss. 781s Preparing to unpack .../21-python3-sss_2.9.4-1ubuntu1_arm64.deb ... 781s Unpacking python3-sss (2.9.4-1ubuntu1) ... 781s Selecting previously unselected package libsss-idmap0. 781s Preparing to unpack .../22-libsss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 781s Unpacking libsss-idmap0 (2.9.4-1ubuntu1) ... 781s Selecting previously unselected package libnss-sss:arm64. 781s Preparing to unpack .../23-libnss-sss_2.9.4-1ubuntu1_arm64.deb ... 781s Unpacking libnss-sss:arm64 (2.9.4-1ubuntu1) ... 781s Selecting previously unselected package libpam-sss:arm64. 781s Preparing to unpack .../24-libpam-sss_2.9.4-1ubuntu1_arm64.deb ... 781s Unpacking libpam-sss:arm64 (2.9.4-1ubuntu1) ... 781s Selecting previously unselected package libc-ares2:arm64. 781s Preparing to unpack .../25-libc-ares2_1.27.0-1_arm64.deb ... 781s Unpacking libc-ares2:arm64 (1.27.0-1) ... 781s Selecting previously unselected package libdhash1:arm64. 781s Preparing to unpack .../26-libdhash1_0.6.2-2_arm64.deb ... 781s Unpacking libdhash1:arm64 (0.6.2-2) ... 781s Selecting previously unselected package libbasicobjects0:arm64. 781s Preparing to unpack .../27-libbasicobjects0_0.6.2-2_arm64.deb ... 781s Unpacking libbasicobjects0:arm64 (0.6.2-2) ... 781s Selecting previously unselected package libcollection4:arm64. 781s Preparing to unpack .../28-libcollection4_0.6.2-2_arm64.deb ... 781s Unpacking libcollection4:arm64 (0.6.2-2) ... 781s Selecting previously unselected package libpath-utils1:arm64. 781s Preparing to unpack .../29-libpath-utils1_0.6.2-2_arm64.deb ... 781s Unpacking libpath-utils1:arm64 (0.6.2-2) ... 781s Selecting previously unselected package libref-array1:arm64. 781s Preparing to unpack .../30-libref-array1_0.6.2-2_arm64.deb ... 781s Unpacking libref-array1:arm64 (0.6.2-2) ... 781s Selecting previously unselected package libini-config5:arm64. 781s Preparing to unpack .../31-libini-config5_0.6.2-2_arm64.deb ... 781s Unpacking libini-config5:arm64 (0.6.2-2) ... 781s Selecting previously unselected package libsss-certmap0. 781s Preparing to unpack .../32-libsss-certmap0_2.9.4-1ubuntu1_arm64.deb ... 781s Unpacking libsss-certmap0 (2.9.4-1ubuntu1) ... 781s Selecting previously unselected package libsss-nss-idmap0. 781s Preparing to unpack .../33-libsss-nss-idmap0_2.9.4-1ubuntu1_arm64.deb ... 781s Unpacking libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 781s Selecting previously unselected package sssd-common. 781s Preparing to unpack .../34-sssd-common_2.9.4-1ubuntu1_arm64.deb ... 781s Unpacking sssd-common (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package sssd-ad-common. 782s Preparing to unpack .../35-sssd-ad-common_2.9.4-1ubuntu1_arm64.deb ... 782s Unpacking sssd-ad-common (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package sssd-krb5-common. 782s Preparing to unpack .../36-sssd-krb5-common_2.9.4-1ubuntu1_arm64.deb ... 782s Unpacking sssd-krb5-common (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package libsmbclient:arm64. 782s Preparing to unpack .../37-libsmbclient_2%3a4.19.5+dfsg-1ubuntu1_arm64.deb ... 782s Unpacking libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 782s Selecting previously unselected package sssd-ad. 782s Preparing to unpack .../38-sssd-ad_2.9.4-1ubuntu1_arm64.deb ... 782s Unpacking sssd-ad (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package libipa-hbac0. 782s Preparing to unpack .../39-libipa-hbac0_2.9.4-1ubuntu1_arm64.deb ... 782s Unpacking libipa-hbac0 (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package sssd-ipa. 782s Preparing to unpack .../40-sssd-ipa_2.9.4-1ubuntu1_arm64.deb ... 782s Unpacking sssd-ipa (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package sssd-krb5. 782s Preparing to unpack .../41-sssd-krb5_2.9.4-1ubuntu1_arm64.deb ... 782s Unpacking sssd-krb5 (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package sssd-ldap. 782s Preparing to unpack .../42-sssd-ldap_2.9.4-1ubuntu1_arm64.deb ... 782s Unpacking sssd-ldap (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package sssd-proxy. 782s Preparing to unpack .../43-sssd-proxy_2.9.4-1ubuntu1_arm64.deb ... 782s Unpacking sssd-proxy (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package sssd. 782s Preparing to unpack .../44-sssd_2.9.4-1ubuntu1_arm64.deb ... 782s Unpacking sssd (2.9.4-1ubuntu1) ... 782s Selecting previously unselected package autopkgtest-satdep. 782s Preparing to unpack .../45-3-autopkgtest-satdep.deb ... 782s Unpacking autopkgtest-satdep (0) ... 782s Setting up libpwquality-common (1.4.5-3) ... 782s Setting up libpath-utils1:arm64 (0.6.2-2) ... 782s Setting up softhsm2-common (2.6.1-2.2) ... 782s 782s Creating config file /etc/softhsm/softhsm2.conf with new version 783s Setting up libnfsidmap1:arm64 (1:2.6.3-3ubuntu1) ... 783s Setting up libsss-idmap0 (2.9.4-1ubuntu1) ... 783s Setting up libbasicobjects0:arm64 (0.6.2-2) ... 783s Setting up libtdb1:arm64 (1.4.10-1) ... 783s Setting up libc-ares2:arm64 (1.27.0-1) ... 783s Setting up libwbclient0:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 783s Setting up libtalloc2:arm64 (2.4.2-1) ... 783s Setting up libdhash1:arm64 (0.6.2-2) ... 783s Setting up libtevent0:arm64 (0.16.1-1) ... 783s Setting up libavahi-common-data:arm64 (0.8-13ubuntu2) ... 783s Setting up libevent-2.1-7:arm64 (2.1.12-stable-9) ... 783s Setting up libcrack2:arm64 (2.9.6-5.1) ... 783s Setting up libcollection4:arm64 (0.6.2-2) ... 783s Setting up libipa-hbac0 (2.9.4-1ubuntu1) ... 783s Setting up libref-array1:arm64 (0.6.2-2) ... 783s Setting up libldb2:arm64 (2:2.8.0+samba4.19.5+dfsg-1ubuntu1) ... 783s Setting up libsss-nss-idmap0 (2.9.4-1ubuntu1) ... 783s Setting up libnss-sss:arm64 (2.9.4-1ubuntu1) ... 783s Setting up libsofthsm2 (2.6.1-2.2) ... 783s Setting up softhsm2 (2.6.1-2.2) ... 783s Setting up libini-config5:arm64 (0.6.2-2) ... 783s Setting up libavahi-common3:arm64 (0.8-13ubuntu2) ... 783s Setting up python3-sss (2.9.4-1ubuntu1) ... 783s Setting up libsss-certmap0 (2.9.4-1ubuntu1) ... 783s Setting up libunbound8:arm64 (1.19.1-1ubuntu1) ... 783s Setting up libpwquality1:arm64 (1.4.5-3) ... 783s Setting up libavahi-client3:arm64 (0.8-13ubuntu2) ... 783s Setting up libgnutls-dane0:arm64 (3.8.3-1ubuntu1) ... 783s Setting up libpam-pwquality:arm64 (1.4.5-3) ... 783s Setting up samba-libs:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 783s Setting up libsmbclient:arm64 (2:4.19.5+dfsg-1ubuntu1) ... 783s Setting up libpam-sss:arm64 (2.9.4-1ubuntu1) ... 784s Setting up gnutls-bin (3.8.3-1ubuntu1) ... 784s Setting up sssd-common (2.9.4-1ubuntu1) ... 784s Creating SSSD system user & group... 784s warn: The home directory `/var/lib/sss' already exists. Not touching this directory. 784s warn: Warning: The home directory `/var/lib/sss' does not belong to the user you are currently creating. 784s Warning: found usr.sbin.sssd in /etc/apparmor.d/force-complain, forcing complain mode 784s Warning from /etc/apparmor.d/usr.sbin.sssd (/etc/apparmor.d/usr.sbin.sssd line 63): Caching disabled for: 'usr.sbin.sssd' due to force complain 785s Created symlink /etc/systemd/system/sssd.service.wants/sssd-autofs.socket → /usr/lib/systemd/system/sssd-autofs.socket. 785s Created symlink /etc/systemd/system/sssd.service.wants/sssd-nss.socket → /usr/lib/systemd/system/sssd-nss.socket. 786s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam-priv.socket → /usr/lib/systemd/system/sssd-pam-priv.socket. 786s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pam.socket → /usr/lib/systemd/system/sssd-pam.socket. 787s Created symlink /etc/systemd/system/sssd.service.wants/sssd-ssh.socket → /usr/lib/systemd/system/sssd-ssh.socket. 787s Created symlink /etc/systemd/system/sssd.service.wants/sssd-sudo.socket → /usr/lib/systemd/system/sssd-sudo.socket. 788s Created symlink /etc/systemd/system/multi-user.target.wants/sssd.service → /usr/lib/systemd/system/sssd.service. 789s sssd-autofs.service is a disabled or a static unit, not starting it. 789s sssd-nss.service is a disabled or a static unit, not starting it. 789s sssd-pam.service is a disabled or a static unit, not starting it. 789s sssd-ssh.service is a disabled or a static unit, not starting it. 789s sssd-sudo.service is a disabled or a static unit, not starting it. 789s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 789s Setting up sssd-proxy (2.9.4-1ubuntu1) ... 789s Setting up sssd-ad-common (2.9.4-1ubuntu1) ... 789s Created symlink /etc/systemd/system/sssd.service.wants/sssd-pac.socket → /usr/lib/systemd/system/sssd-pac.socket. 790s sssd-pac.service is a disabled or a static unit, not starting it. 790s Could not execute systemctl: at /usr/bin/deb-systemd-invoke line 148. 790s Setting up sssd-krb5-common (2.9.4-1ubuntu1) ... 790s Setting up sssd-krb5 (2.9.4-1ubuntu1) ... 791s Setting up sssd-ldap (2.9.4-1ubuntu1) ... 791s Setting up sssd-ad (2.9.4-1ubuntu1) ... 791s Setting up sssd-ipa (2.9.4-1ubuntu1) ... 791s Setting up sssd (2.9.4-1ubuntu1) ... 791s Setting up autopkgtest-satdep (0) ... 791s Processing triggers for man-db (2.12.0-3) ... 792s Processing triggers for libc-bin (2.39-0ubuntu2) ... 797s (Reading database ... 76440 files and directories currently installed.) 797s Removing autopkgtest-satdep (0) ... 810s autopkgtest [18:34:38]: test sssd-softhism2-certificates-tests.sh: [----------------------- 810s + '[' -z ubuntu ']' 810s + required_tools=(p11tool openssl softhsm2-util) 810s + for cmd in "${required_tools[@]}" 810s + command -v p11tool 810s + for cmd in "${required_tools[@]}" 810s + command -v openssl 810s + for cmd in "${required_tools[@]}" 810s + command -v softhsm2-util 810s + PIN=053350 810s +++ find /usr/lib/softhsm/libsofthsm2.so 810s +++ head -n 1 810s ++ realpath /usr/lib/softhsm/libsofthsm2.so 810s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 810s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 810s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 810s + '[' '!' -v NO_SSSD_TESTS ']' 810s + '[' '!' -x /usr/libexec/sssd/p11_child ']' 810s + ca_db_arg=ca_db 810s ++ /usr/libexec/sssd/p11_child --help 810s + p11_child_help='Usage: p11_child [OPTION...] 810s -d, --debug-level=INT Debug level 810s --debug-timestamps=INT Add debug timestamps 810s --debug-microseconds=INT Show timestamps with microseconds 810s --dumpable=INT Allow core dumps 810s --debug-fd=INT An open file descriptor for the debug 810s logs 810s --logger=stderr|files|journald Set logger 810s --auth Run in auth mode 810s --pre Run in pre-auth mode 810s --wait_for_card Wait until card is available 810s --verification Run in verification mode 810s --pin Expect PIN on stdin 810s --keypad Expect PIN on keypad 810s --verify=STRING Tune validation 810s --ca_db=STRING CA DB to use 810s --module_name=STRING Module name for authentication 810s --token_name=STRING Token name for authentication 810s --key_id=STRING Key ID for authentication 810s --label=STRING Label for authentication 810s --certificate=STRING certificate to verify, base64 encoded 810s --uri=STRING PKCS#11 URI to restrict selection 810s --chain-id=LONG Tevent chain ID used for logging 810s purposes 810s 810s Help options: 810s -?, --help Show this help message 810s --usage Display brief usage message' 810s + echo 'Usage: p11_child [OPTION...] 810s -d, --debug-level=INT Debug level 810s --debug-timestamps=INT Add debug timestamps 810s --debug-microseconds=INT Show timestamps with microseconds 810s --dumpable=INT Allow core dumps 810s --debug-fd=INT An open file descriptor for the debug 810s logs 810s --logger=stderr|files|journald Set logger 810s --auth Run in auth mode 810s --pre Run in pre-auth mode 810s --wait_for_card Wait until card is available 810s --verification Run in verification mode 810s --pin Expect PIN on stdin 810s --keypad Expect PIN on keypad 810s --verify=STRING Tune validation 810s --ca_db=STRING CA DB to use 810s --module_name=STRING Module name for authentication 810s --token_name=STRING Token name for authentication 810s --key_id=STRING Key ID for authentication 810s --label=STRING Label for authentication 810s --certificate=STRING certificate to verify, base64 encoded 810s --uri=STRING PKCS#11 URI to restrict selection 810s --chain-id=LONG Tevent chain ID used for logging 810s purposes 810s 810s Help options: 810s -?, --help Show this help message 810s --usage Display brief usage message' 810s + grep nssdb -qs 810s + echo 'Usage: p11_child [OPTION...] 810s -d, --debug-level=INT Debug level 810s + grep -qs -- --ca_db 810s --debug-timestamps=INT Add debug timestamps 810s --debug-microseconds=INT Show timestamps with microseconds 810s --dumpable=INT Allow core dumps 810s --debug-fd=INT An open file descriptor for the debug 810s logs 810s --logger=stderr|files|journald Set logger 810s --auth Run in auth mode 810s --pre Run in pre-auth mode 810s --wait_for_card Wait until card is available 810s --verification Run in verification mode 810s --pin Expect PIN on stdin 810s --keypad Expect PIN on keypad 810s --verify=STRING Tune validation 810s --ca_db=STRING CA DB to use 810s --module_name=STRING Module name for authentication 810s --token_name=STRING Token name for authentication 810s --key_id=STRING Key ID for authentication 810s --label=STRING Label for authentication 810s --certificate=STRING certificate to verify, base64 encoded 810s --uri=STRING PKCS#11 URI to restrict selection 810s --chain-id=LONG Tevent chain ID used for logging 810s purposes 810s 810s Help options: 810s -?, --help Show this help message 810s --usage Display brief usage message' 810s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 810s ++ mktemp -d -t sssd-softhsm2-XXXXXX 810s + tmpdir=/tmp/sssd-softhsm2-tcILm7 810s + keys_size=1024 810s + [[ ! -v KEEP_TEMPORARY_FILES ]] 810s + trap 'rm -rf "$tmpdir"' EXIT 810s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 810s + echo -n 01 810s + touch /tmp/sssd-softhsm2-tcILm7/index.txt 810s + mkdir -p /tmp/sssd-softhsm2-tcILm7/new_certs 810s + cat 810s + root_ca_key_pass=pass:random-root-CA-password-15861 810s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-tcILm7/test-root-CA-key.pem -passout pass:random-root-CA-password-15861 1024 810s + openssl req -passin pass:random-root-CA-password-15861 -batch -config /tmp/sssd-softhsm2-tcILm7/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-tcILm7/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 810s + openssl x509 -noout -in /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 810s + cat 810s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-25852 810s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-25852 1024 810s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-25852 -config /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.config -key /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-15861 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-certificate-request.pem 810s Certificate Request: 810s Data: 810s Version: 1 (0x0) 810s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 810s Subject Public Key Info: 810s Public Key Algorithm: rsaEncryption 810s Public-Key: (1024 bit) 810s Modulus: 810s 00:c6:44:1a:3a:7f:f7:b9:2f:2f:5b:f1:22:5e:6f: 810s df:06:d7:2e:3d:2d:91:35:7c:d0:52:97:a4:f6:fa: 810s df:2d:a2:fb:11:80:bd:91:c8:47:2e:a6:58:6b:ab: 810s 1f:c8:be:3f:b8:7a:ab:1d:85:0d:9e:e5:3f:d0:73: 810s 53:c4:fb:31:c0:9f:9b:93:f2:a1:bc:61:fe:88:36: 810s 5b:8d:62:18:a6:e2:5f:c5:ae:2a:38:91:64:19:98: 810s 5b:74:02:2e:5e:46:99:5c:a7:00:91:a7:4b:3f:fb: 810s 5f:61:49:f1:5d:8a:9a:71:98:b0:03:86:a2:dc:cb: 810s 24:dc:77:ce:f2:f9:10:7e:fb 810s Exponent: 65537 (0x10001) 810s Attributes: 810s (none) 810s Requested Extensions: 810s Signature Algorithm: sha256WithRSAEncryption 810s Signature Value: 810s 3d:3f:6b:00:19:cb:ba:49:9f:bb:ef:18:42:9e:f1:79:7e:0b: 810s 54:f4:47:40:0b:48:ee:f9:f1:68:1b:50:7b:cb:4e:d2:ae:08: 810s 5c:01:36:a7:04:6b:89:b1:bd:a4:d7:04:f6:19:ca:46:27:d9: 810s 7f:02:5f:6a:9a:aa:cf:ed:34:fa:bf:68:e7:d7:12:a6:fd:99: 810s 86:17:57:45:52:3a:93:e3:03:fd:df:a5:62:06:3a:1c:af:34: 810s 01:ca:95:ee:d5:83:4a:c9:bf:9f:a9:17:73:cb:f6:23:3e:f9: 810s 2a:00:7e:80:b5:8a:cc:b9:43:a5:87:a6:fb:5e:ae:84:fb:c3: 810s 41:95 810s + openssl req -text -noout -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-certificate-request.pem 810s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-tcILm7/test-root-CA.config -passin pass:random-root-CA-password-15861 -keyfile /tmp/sssd-softhsm2-tcILm7/test-root-CA-key.pem -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 810s Using configuration from /tmp/sssd-softhsm2-tcILm7/test-root-CA.config 810s Check that the request matches the signature 810s Signature ok 810s Certificate Details: 810s Serial Number: 1 (0x1) 810s Validity 810s Not Before: Mar 20 18:34:38 2024 GMT 810s Not After : Mar 20 18:34:38 2025 GMT 810s Subject: 810s organizationName = Test Organization 810s organizationalUnitName = Test Organization Unit 810s commonName = Test Organization Intermediate CA 810s X509v3 extensions: 810s X509v3 Subject Key Identifier: 810s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 810s X509v3 Authority Key Identifier: 810s keyid:0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 810s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 810s serial:00 810s X509v3 Basic Constraints: 810s CA:TRUE 810s X509v3 Key Usage: critical 810s Digital Signature, Certificate Sign, CRL Sign 810s Certificate is to be certified until Mar 20 18:34:38 2025 GMT (365 days) 810s 810s Write out database with 1 new entries 810s Database updated 810s + openssl x509 -noout -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 810s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 810s /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem: OK 810s + cat 810s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-5417 810s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-5417 1024 810s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-5417 -config /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-25852 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-certificate-request.pem 810s + openssl req -text -noout -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-certificate-request.pem 811s Certificate Request: 811s Data: 811s Version: 1 (0x0) 811s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 811s Subject Public Key Info: 811s Public Key Algorithm: rsaEncryption 811s Public-Key: (1024 bit) 811s Modulus: 811s 00:e8:fe:25:37:8e:43:90:89:2a:71:5f:bf:94:8b: 811s 1b:a1:a1:7e:fb:52:c4:e4:ca:c6:60:1a:c8:ea:33: 811s b7:64:ea:5d:21:fb:6b:ce:cf:55:b3:4d:e8:b5:4f: 811s 59:ed:f7:e0:53:e9:a0:61:e6:a2:62:9e:17:de:1d: 811s 7f:31:9a:6d:89:01:25:cd:39:16:77:46:ce:3a:eb: 811s df:73:96:41:26:e9:f9:eb:75:29:70:df:37:b1:20: 811s 98:66:4a:f2:de:f1:56:61:94:35:12:33:d1:f7:25: 811s 07:c3:67:cd:6c:cc:14:42:0b:4c:c6:70:ff:54:c7: 811s f2:c1:6e:bc:15:27:44:55:5b 811s Exponent: 65537 (0x10001) 811s Attributes: 811s (none) 811s Requested Extensions: 811s Signature Algorithm: sha256WithRSAEncryption 811s Signature Value: 811s 74:09:c5:1b:76:41:86:b0:be:94:9e:9a:ae:f5:96:2e:68:c0: 811s 60:30:d9:11:e7:6f:9b:f1:54:2a:5b:c7:79:dc:66:ac:8b:cc: 811s 8f:67:e5:18:29:32:fe:7f:d4:ba:36:61:e5:81:89:aa:43:b7: 811s c3:44:a4:29:00:95:a0:aa:01:41:f6:f2:23:9e:55:90:31:87: 811s 45:91:5a:66:66:da:ca:49:19:f3:b3:66:4c:e9:ef:36:1c:01: 811s 03:b1:13:4c:a4:92:f3:ff:64:ea:6e:44:08:af:e9:85:55:c5: 811s a5:1a:28:67:b5:80:5b:5e:82:3b:91:55:77:b2:50:60:5e:f3: 811s 63:fc 811s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-25852 -keyfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 811s Using configuration from /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.config 811s Check that the request matches the signature 811s Signature ok 811s Certificate Details: 811s Serial Number: 2 (0x2) 811s Validity 811s Not Before: Mar 20 18:34:38 2024 GMT 811s Not After : Mar 20 18:34:38 2025 GMT 811s Subject: 811s organizationName = Test Organization 811s organizationalUnitName = Test Organization Unit 811s commonName = Test Organization Sub Intermediate CA 811s X509v3 extensions: 811s X509v3 Subject Key Identifier: 811s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 811s X509v3 Authority Key Identifier: 811s keyid:CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 811s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 811s serial:01 811s X509v3 Basic Constraints: 811s CA:TRUE 811s X509v3 Key Usage: critical 811s Digital Signature, Certificate Sign, CRL Sign 811s Certificate is to be certified until Mar 20 18:34:38 2025 GMT (365 days) 811s 811s Write out database with 1 new entries 811s Database updated 811s + openssl x509 -noout -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 811s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 811s /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem: OK 811s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 811s + local cmd=openssl 811s + shift 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 811s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 811s error 20 at 0 depth lookup: unable to get local issuer certificate 811s error /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem: verification failed 811s + cat 811s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-24312 811s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-24312 1024 811s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-24312 -key /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-request.pem 811s + openssl req -text -noout -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-request.pem 811s Certificate Request: 811s Data: 811s Version: 1 (0x0) 811s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 811s Subject Public Key Info: 811s Public Key Algorithm: rsaEncryption 811s Public-Key: (1024 bit) 811s Modulus: 811s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 811s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 811s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 811s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 811s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 811s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 811s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 811s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 811s af:6a:af:ef:e0:4b:e3:a2:99 811s Exponent: 65537 (0x10001) 811s Attributes: 811s Requested Extensions: 811s X509v3 Basic Constraints: 811s CA:FALSE 811s Netscape Cert Type: 811s SSL Client, S/MIME 811s Netscape Comment: 811s Test Organization Root CA trusted Certificate 811s X509v3 Subject Key Identifier: 811s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 811s X509v3 Key Usage: critical 811s Digital Signature, Non Repudiation, Key Encipherment 811s X509v3 Extended Key Usage: 811s TLS Web Client Authentication, E-mail Protection 811s X509v3 Subject Alternative Name: 811s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 811s Signature Algorithm: sha256WithRSAEncryption 811s Signature Value: 811s 6e:b3:95:43:62:95:ff:37:3e:41:14:06:17:9b:f3:63:fc:c3: 811s 6e:b4:11:b9:2e:3f:1e:2f:f3:82:b3:81:ed:28:12:be:5b:92: 811s 2d:96:44:a1:e6:1b:95:59:3e:1e:69:e7:cb:f7:aa:55:43:3a: 811s f3:0a:d4:93:ad:ba:0a:96:75:61:fa:5c:02:bd:64:9e:62:bd: 811s ec:f1:50:b1:87:fd:c9:95:83:87:c7:b8:2c:55:a2:76:d7:ae: 811s dc:a7:38:e4:ae:49:f6:ce:12:e1:83:c9:3b:ea:22:a7:fc:94: 811s 51:c7:da:fe:d2:f9:99:8c:c4:ed:31:ef:a3:2b:ed:25:1b:c3: 811s ed:f1 811s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-tcILm7/test-root-CA.config -passin pass:random-root-CA-password-15861 -keyfile /tmp/sssd-softhsm2-tcILm7/test-root-CA-key.pem -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s Using configuration from /tmp/sssd-softhsm2-tcILm7/test-root-CA.config 811s Check that the request matches the signature 811s Signature ok 811s Certificate Details: 811s Serial Number: 3 (0x3) 811s Validity 811s Not Before: Mar 20 18:34:39 2024 GMT 811s Not After : Mar 20 18:34:39 2025 GMT 811s Subject: 811s organizationName = Test Organization 811s organizationalUnitName = Test Organization Unit 811s commonName = Test Organization Root Trusted Certificate 0001 811s X509v3 extensions: 811s X509v3 Authority Key Identifier: 811s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 811s X509v3 Basic Constraints: 811s CA:FALSE 811s Netscape Cert Type: 811s SSL Client, S/MIME 811s Netscape Comment: 811s Test Organization Root CA trusted Certificate 811s X509v3 Subject Key Identifier: 811s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 811s X509v3 Key Usage: critical 811s Digital Signature, Non Repudiation, Key Encipherment 811s X509v3 Extended Key Usage: 811s TLS Web Client Authentication, E-mail Protection 811s X509v3 Subject Alternative Name: 811s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 811s Certificate is to be certified until Mar 20 18:34:39 2025 GMT (365 days) 811s 811s Write out database with 1 new entries 811s Database updated 811s + openssl x509 -noout -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem: OK 811s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s + local cmd=openssl 811s + shift 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 811s error 20 at 0 depth lookup: unable to get local issuer certificate 811s error /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem: verification failed 811s + cat 811s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 811s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-4094 1024 811s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-4094 -key /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-request.pem 811s + openssl req -text -noout -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-request.pem 811s Certificate Request: 811s Data: 811s Version: 1 (0x0) 811s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 811s Subject Public Key Info: 811s Public Key Algorithm: rsaEncryption 811s Public-Key: (1024 bit) 811s Modulus: 811s 00:be:b3:5a:37:d7:96:1b:56:0d:59:0f:44:5a:bb: 811s e1:92:17:7d:15:01:9f:03:db:ea:13:0e:f9:39:3b: 811s a3:a8:8b:d9:20:50:98:0a:09:f1:fc:85:86:be:8e: 811s be:cd:41:24:18:a8:34:6f:8b:55:f7:61:1e:49:63: 811s 72:92:3c:17:7f:3e:1b:9e:a3:7c:40:1d:78:96:a9: 811s 91:34:d5:aa:0b:f4:c1:f9:99:8e:b8:77:b8:10:9a: 811s b5:2a:42:d7:6f:85:61:1d:e1:e4:8e:d6:70:b3:b3: 811s c3:b3:c9:4b:bd:66:c0:94:92:5b:1d:a3:c8:59:dd: 811s 9f:f0:cc:1d:c4:91:e2:a7:1b 811s Exponent: 65537 (0x10001) 811s Attributes: 811s Requested Extensions: 811s X509v3 Basic Constraints: 811s CA:FALSE 811s Netscape Cert Type: 811s SSL Client, S/MIME 811s Netscape Comment: 811s Test Organization Intermediate CA trusted Certificate 811s X509v3 Subject Key Identifier: 811s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 811s X509v3 Key Usage: critical 811s Digital Signature, Non Repudiation, Key Encipherment 811s X509v3 Extended Key Usage: 811s TLS Web Client Authentication, E-mail Protection 811s X509v3 Subject Alternative Name: 811s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 811s Signature Algorithm: sha256WithRSAEncryption 811s Signature Value: 811s 3d:4a:75:b4:34:75:9c:26:8b:a0:61:fb:2c:1e:5a:01:0c:a9: 811s 21:db:fd:db:8e:66:6e:27:ef:c0:d3:53:8e:59:69:66:75:7f: 811s 01:2e:ce:06:23:5f:24:b1:01:13:97:6c:2b:0b:0d:39:59:5e: 811s de:fe:98:8f:4a:c5:41:9a:64:34:d6:88:a6:63:f9:71:f5:f1: 811s a4:88:7d:d0:5b:9a:8f:5e:a4:29:1e:da:82:de:7d:f6:25:44: 811s cd:93:b4:39:0f:eb:13:e8:79:04:e3:5f:e2:5a:71:51:44:c0: 811s 90:85:44:2e:0c:36:77:39:25:02:e7:37:80:0a:0b:84:d6:bd: 811s 9d:60 811s + openssl ca -passin pass:random-intermediate-CA-password-25852 -config /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 811s Using configuration from /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.config 811s Check that the request matches the signature 811s Signature ok 811s Certificate Details: 811s Serial Number: 4 (0x4) 811s Validity 811s Not Before: Mar 20 18:34:39 2024 GMT 811s Not After : Mar 20 18:34:39 2025 GMT 811s Subject: 811s organizationName = Test Organization 811s organizationalUnitName = Test Organization Unit 811s commonName = Test Organization Intermediate Trusted Certificate 0001 811s X509v3 extensions: 811s X509v3 Authority Key Identifier: 811s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 811s X509v3 Basic Constraints: 811s CA:FALSE 811s Netscape Cert Type: 811s SSL Client, S/MIME 811s Netscape Comment: 811s Test Organization Intermediate CA trusted Certificate 811s X509v3 Subject Key Identifier: 811s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 811s X509v3 Key Usage: critical 811s Digital Signature, Non Repudiation, Key Encipherment 811s X509v3 Extended Key Usage: 811s TLS Web Client Authentication, E-mail Protection 811s X509v3 Subject Alternative Name: 811s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 811s Certificate is to be certified until Mar 20 18:34:39 2025 GMT (365 days) 811s 811s Write out database with 1 new entries 811s Database updated 811s + openssl x509 -noout -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 811s This certificate should not be trusted fully 811s + echo 'This certificate should not be trusted fully' 811s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 811s + local cmd=openssl 811s + shift 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 811s O = Test Organi/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem: OK 811s zation, OU = Test Organization Unit, CN = Test Organization Intermediate CA 811s error 2 at 1 depth lookup: unable to get issuer certificate 811s error /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 811s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 811s + cat 811s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 811s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-29827 1024 811s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-29827 -key /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 811s + openssl req -text -noout -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 811s Certificate Request: 811s Data: 811s Version: 1 (0x0) 811s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 811s Subject Public Key Info: 811s Public Key Algorithm: rsaEncryption 811s Public-Key: (1024 bit) 811s Modulus: 811s 00:dd:a6:06:b1:32:3b:90:f5:76:21:31:f2:66:57: 811s ae:28:b8:c2:e9:9f:54:82:49:62:58:e4:7b:e0:4f: 811s 94:0b:d8:2f:a4:ae:f0:78:27:02:09:5a:c3:68:ea: 811s 49:ee:6e:2d:3c:a3:5a:4a:99:6f:19:0f:ce:1f:20: 811s 75:34:c9:1b:08:32:83:42:f9:24:41:95:88:23:39: 811s 31:18:58:48:a7:eb:67:78:ea:d2:7e:13:c2:a7:6b: 811s c8:48:04:54:f9:a0:6c:86:28:39:6a:57:f5:c1:7f: 811s 46:5d:19:da:f6:9e:4c:c9:41:27:2d:2f:b8:45:41: 811s 9b:4c:19:29:1a:dc:c4:19:37 811s Exponent: 65537 (0x10001) 811s Attributes: 811s Requested Extensions: 811s X509v3 Basic Constraints: 811s CA:FALSE 811s Netscape Cert Type: 811s SSL Client, S/MIME 811s Netscape Comment: 811s Test Organization Sub Intermediate CA trusted Certificate 811s X509v3 Subject Key Identifier: 811s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 811s X509v3 Key Usage: critical 811s Digital Signature, Non Repudiation, Key Encipherment 811s X509v3 Extended Key Usage: 811s TLS Web Client Authentication, E-mail Protection 811s X509v3 Subject Alternative Name: 811s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 811s Signature Algorithm: sha256WithRSAEncryption 811s Signature Value: 811s cb:40:da:df:02:96:bb:b4:38:44:f9:33:f9:42:30:cd:2e:a6: 811s 40:29:bb:ec:4e:4a:21:60:de:70:61:52:f4:7e:b9:8e:98:d2: 811s 77:39:07:52:a3:12:3c:7d:0b:98:e2:c1:36:34:1a:80:15:b9: 811s e8:36:3e:e5:da:bd:5d:5e:0e:09:10:9f:b6:25:d9:fe:5d:89: 811s bf:be:af:1b:c5:ac:27:86:ce:39:a7:5c:c5:8c:18:56:77:cc: 811s 02:a2:2c:96:40:c4:8d:46:1a:1e:ed:e9:a7:37:0b:02:38:71: 811s 1a:15:a3:8b:90:86:df:62:87:c1:c1:3c:87:07:28:96:04:d6: 811s 11:1b 811s + openssl ca -passin pass:random-sub-intermediate-CA-password-5417 -config /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s Using configuration from /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.config 811s Check that the request matches the signature 811s Signature ok 811s Certificate Details: 811s Serial Number: 5 (0x5) 811s Validity 811s Not Before: Mar 20 18:34:39 2024 GMT 811s Not After : Mar 20 18:34:39 2025 GMT 811s Subject: 811s organizationName = Test Organization 811s organizationalUnitName = Test Organization Unit 811s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 811s X509v3 extensions: 811s X509v3 Authority Key Identifier: 811s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 811s X509v3 Basic Constraints: 811s CA:FALSE 811s Netscape Cert Type: 811s SSL Client, S/MIME 811s Netscape Comment: 811s Test Organization Sub Intermediate CA trusted Certificate 811s X509v3 Subject Key Identifier: 811s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 811s X509v3 Key Usage: critical 811s Digital Signature, Non Repudiation, Key Encipherment 811s X509v3 Extended Key Usage: 811s TLS Web Client Authentication, E-mail Protection 811s X509v3 Subject Alternative Name: 811s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 811s Certificate is to be certified until Mar 20 18:34:39 2025 GMT (365 days) 811s 811s Write out database with 1 new entries 811s Database updated 811s + openssl x509 -noout -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s This certificate should not be trusted fully 811s + echo 'This certificate should not be trusted fully' 811s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s + local cmd=openssl 811s + shift 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 811s error 2 at 1 depth lookup: unable to get issuer certificate 811s error /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 811s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s + local cmd=openssl 811s + shift 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 811s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 811s error 20 at 0 depth lookup: unable to get local issuer certificate 811s error /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 811s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s + local cmd=openssl 811s + shift 811s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s O = Building a the full-chain CA file... 811s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 811s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 811s 811s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 811s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 811s 811s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 811s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 811s 811s Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 811s error 20 at 0 depth lookup: unable to get local issuer certificate 811s error /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 811s + echo 'Building a the full-chain CA file...' 811s + cat /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 811s + cat /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 811s + cat /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 811s + openssl pkcs7 -print_certs -noout 811s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem: OK 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 811s /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem: OK 811s /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem: OK 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem /tmp/sssd-softhsm2-tcILm7/test-root-intermediate-chain-CA.pem 811s /tmp/sssd-softhsm2-tcILm7/test-root-intermediate-chain-CA.pem: OK 811s + openssl verify -CAfile /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 811s /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 811s + echo 'Certificates generation completed!' 811s Certificates generation completed! 811s + [[ -v NO_SSSD_TESTS ]] 811s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /dev/null 811s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /dev/null 811s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 811s + local key_ring=/dev/null 811s + local verify_option= 811s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 811s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 811s + local key_cn 811s + local key_name 811s + local tokens_dir 811s + local output_cert_file 811s + token_name= 811s ++ basename /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem .pem 811s + key_name=test-root-CA-trusted-certificate-0001 811s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s ++ sed -n 's/ *commonName *= //p' 811s + key_cn='Test Organization Root Trusted Certificate 0001' 811s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 811s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 811s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 811s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 811s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 811s + token_name='Test Organization Root Tr Token' 811s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 811s + local key_file 811s + local decrypted_key 811s + mkdir -p /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 811s + key_file=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-key.pem 811s + decrypted_key=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-key-decrypted.pem 811s + cat 811s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 053350 --so-pin 053350 --free 811s Slot 0 has a free/uninitialized token. 811s The token has been initialized and is reassigned to slot 112262552 811s + softhsm2-util --show-slots 811s Available slots: 811s Slot 112262552 811s Slot info: 811s Description: SoftHSM slot ID 0x6b0fd98 811s Manufacturer ID: SoftHSM project 811s Hardware version: 2.6 811s Firmware version: 2.6 811s Token present: yes 811s Token info: 811s Manufacturer ID: SoftHSM project 811s Model: SoftHSM v2 811s Hardware version: 2.6 811s Firmware version: 2.6 811s Serial number: 33461f1a86b0fd98 811s Initialized: yes 811s User PIN init.: yes 811s Label: Test Organization Root Tr Token 811s Slot 1 811s Slot info: 811s Description: SoftHSM slot ID 0x1 811s Manufacturer ID: SoftHSM project 811s Hardware version: 2.6 811s Firmware version: 2.6 811s Token present: yes 811s Token info: 811s Manufacturer ID: SoftHSM project 811s Model: SoftHSM v2 811s Hardware version: 2.6 811s Firmware version: 2.6 811s Serial number: 811s Initialized: no 811s User PIN init.: no 811s Label: 811s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 811s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-24312 -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-key-decrypted.pem 811s writing RSA key 811s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 811s + rm /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001-key-decrypted.pem 811s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 811s Object 0: 811s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 811s Type: X.509 Certificate (RSA-1024) 811s Expires: Thu Mar 20 18:34:39 2025 811s Label: Test Organization Root Trusted Certificate 0001 811s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 811s 811s Test Organization Root Tr Token 811s + echo 'Test Organization Root Tr Token' 811s + '[' -n '' ']' 811s + local output_base_name=SSSD-child-31530 811s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-31530.output 811s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-31530.pem 811s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 811s [p11_child[2122]] [main] (0x0400): p11_child started. 811s [p11_child[2122]] [main] (0x2000): Running in [pre-auth] mode. 811s [p11_child[2122]] [main] (0x2000): Running with effective IDs: [0][0]. 811s [p11_child[2122]] [main] (0x2000): Running with real IDs [0][0]. 811s [p11_child[2122]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 811s [p11_child[2122]] [do_work] (0x0040): init_verification failed. 811s [p11_child[2122]] [main] (0x0020): p11_child failed (5) 811s + return 2 811s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /dev/null no_verification 811s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /dev/null no_verification 811s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 811s + local key_ring=/dev/null 811s + local verify_option=no_verification 811s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 811s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 811s + local key_cn 811s + local key_name 811s + local tokens_dir 811s + local output_cert_file 811s + token_name= 811s ++ basename /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem .pem 811s + key_name=test-root-CA-trusted-certificate-0001 811s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 811s ++ sed -n 's/ *commonName *= //p' 812s + key_cn='Test Organization Root Trusted Certificate 0001' 812s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 812s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 812s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 812s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 812s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 812s + token_name='Test Organization Root Tr Token' 812s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 812s Test Organization Root Tr Token 812s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 ']' 812s + echo 'Test Organization Root Tr Token' 812s + '[' -n no_verification ']' 812s + local verify_arg=--verify=no_verification 812s + local output_base_name=SSSD-child-22570 812s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-22570.output 812s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-22570.pem 812s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 812s [p11_child[2128]] [main] (0x0400): p11_child started. 812s [p11_child[2128]] [main] (0x2000): Running in [pre-auth] mode. 812s [p11_child[2128]] [main] (0x2000): Running with effective IDs: [0][0]. 812s [p11_child[2128]] [main] (0x2000): Running with real IDs [0][0]. 812s [p11_child[2128]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 812s [p11_child[2128]] [do_card] (0x4000): Module List: 812s [p11_child[2128]] [do_card] (0x4000): common name: [softhsm2]. 812s [p11_child[2128]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 812s [p11_child[2128]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 812s [p11_child[2128]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 812s [p11_child[2128]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 812s [p11_child[2128]] [do_card] (0x4000): Login NOT required. 812s [p11_child[2128]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 812s [p11_child[2128]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 812s [p11_child[2128]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 812s [p11_child[2128]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 812s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-22570.output 812s + echo '-----BEGIN CERTIFICATE-----' 812s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-22570.output 812s + echo '-----END CERTIFICATE-----' 812s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-22570.pem 812s Certificate: 812s Data: 812s Version: 3 (0x2) 812s Serial Number: 3 (0x3) 812s Signature Algorithm: sha256WithRSAEncryption 812s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 812s Validity 812s Not Before: Mar 20 18:34:39 2024 GMT 812s Not After : Mar 20 18:34:39 2025 GMT 812s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 812s Subject Public Key Info: 812s Public Key Algorithm: rsaEncryption 812s Public-Key: (1024 bit) 812s Modulus: 812s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 812s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 812s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 812s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 812s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 812s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 812s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 812s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 812s af:6a:af:ef:e0:4b:e3:a2:99 812s Exponent: 65537 (0x10001) 812s X509v3 extensions: 812s X509v3 Authority Key Identifier: 812s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 812s X509v3 Basic Constraints: 812s CA:FALSE 812s Netscape Cert Type: 812s SSL Client, S/MIME 812s Netscape Comment: 812s Test Organization Root CA trusted Certificate 812s X509v3 Subject Key Identifier: 812s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 812s X509v3 Key Usage: critical 812s Digital Signature, Non Repudiation, Key Encipherment 812s X509v3 Extended Key Usage: 812s TLS Web Client Authentication, E-mail Protection 812s X509v3 Subject Alternative Name: 812s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 812s Signature Algorithm: sha256WithRSAEncryption 812s Signature Value: 812s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 812s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 812s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 812s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 812s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 812s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 812s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 812s eb:3d 812s + local found_md5 expected_md5 812s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 812s + expected_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 812s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-22570.pem 812s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 812s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 812s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-22570-auth.output 812s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-22570-auth.output .output 812s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-22570-auth.pem 812s + echo -n 053350 812s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 812s [p11_child[2136]] [main] (0x0400): p11_child started. 812s [p11_child[2136]] [main] (0x2000): Running in [auth] mode. 812s [p11_child[2136]] [main] (0x2000): Running with effective IDs: [0][0]. 812s [p11_child[2136]] [main] (0x2000): Running with real IDs [0][0]. 812s [p11_child[2136]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 812s [p11_child[2136]] [do_card] (0x4000): Module List: 812s [p11_child[2136]] [do_card] (0x4000): common name: [softhsm2]. 812s [p11_child[2136]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 812s [p11_child[2136]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 812s [p11_child[2136]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 812s [p11_child[2136]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 812s [p11_child[2136]] [do_card] (0x4000): Login required. 812s [p11_child[2136]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 812s [p11_child[2136]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 812s [p11_child[2136]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 812s [p11_child[2136]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 812s [p11_child[2136]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 812s [p11_child[2136]] [do_card] (0x4000): Certificate verified and validated. 812s [p11_child[2136]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 812s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-22570-auth.output 812s + echo '-----BEGIN CERTIFICATE-----' 812s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-22570-auth.output 812s + echo '-----END CERTIFICATE-----' 812s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-22570-auth.pem 812s Certificate: 812s Data: 812s Version: 3 (0x2) 812s Serial Number: 3 (0x3) 812s Signature Algorithm: sha256WithRSAEncryption 812s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 812s Validity 812s Not Before: Mar 20 18:34:39 2024 GMT 812s Not After : Mar 20 18:34:39 2025 GMT 812s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 812s Subject Public Key Info: 812s Public Key Algorithm: rsaEncryption 812s Public-Key: (1024 bit) 812s Modulus: 812s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 812s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 812s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 812s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 812s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 812s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 812s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 812s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 812s af:6a:af:ef:e0:4b:e3:a2:99 812s Exponent: 65537 (0x10001) 812s X509v3 extensions: 812s X509v3 Authority Key Identifier: 812s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 812s X509v3 Basic Constraints: 812s CA:FALSE 812s Netscape Cert Type: 812s SSL Client, S/MIME 812s Netscape Comment: 812s Test Organization Root CA trusted Certificate 812s X509v3 Subject Key Identifier: 812s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 812s X509v3 Key Usage: critical 812s Digital Signature, Non Repudiation, Key Encipherment 812s X509v3 Extended Key Usage: 812s TLS Web Client Authentication, E-mail Protection 812s X509v3 Subject Alternative Name: 812s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 812s Signature Algorithm: sha256WithRSAEncryption 812s Signature Value: 812s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 812s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 812s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 812s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 812s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 812s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 812s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 812s eb:3d 812s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-22570-auth.pem 812s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 812s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 812s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 812s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 812s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 812s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 812s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 812s + local verify_option= 812s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 812s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 812s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 812s + local key_cn 812s + local key_name 812s + local tokens_dir 812s + local output_cert_file 812s + token_name= 812s ++ basename /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem .pem 812s + key_name=test-root-CA-trusted-certificate-0001 812s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 812s ++ sed -n 's/ *commonName *= //p' 812s + key_cn='Test Organization Root Trusted Certificate 0001' 812s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 812s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 812s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 812s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 812s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 812s + token_name='Test Organization Root Tr Token' 812s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 812s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 ']' 812s + echo 'Test Organization Root Tr Token' 812s + '[' -n '' ']' 812s + local output_base_name=SSSD-child-21615 812s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-21615.output 812s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-21615.pem 812s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 812s Test Organization Root Tr Token 812s [p11_child[2146]] [main] (0x0400): p11_child started. 812s [p11_child[2146]] [main] (0x2000): Running in [pre-auth] mode. 812s [p11_child[2146]] [main] (0x2000): Running with effective IDs: [0][0]. 812s [p11_child[2146]] [main] (0x2000): Running with real IDs [0][0]. 812s [p11_child[2146]] [do_card] (0x4000): Module List: 812s [p11_child[2146]] [do_card] (0x4000): common name: [softhsm2]. 812s [p11_child[2146]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 812s [p11_child[2146]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 812s [p11_child[2146]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 812s [p11_child[2146]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 812s [p11_child[2146]] [do_card] (0x4000): Login NOT required. 812s [p11_child[2146]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 812s [p11_child[2146]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 812s [p11_child[2146]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 812s [p11_child[2146]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 812s [p11_child[2146]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 812s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-21615.output 812s + echo '-----BEGIN CERTIFICATE-----' 812s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-21615.output 812s + echo '-----END CERTIFICATE-----' 812s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-21615.pem 812s + local found_md5 expected_md5 812s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 812s Certificate: 812s Data: 812s Version: 3 (0x2) 812s Serial Number: 3 (0x3) 812s Signature Algorithm: sha256WithRSAEncryption 812s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 812s Validity 812s Not Before: Mar 20 18:34:39 2024 GMT 812s Not After : Mar 20 18:34:39 2025 GMT 812s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 812s Subject Public Key Info: 812s Public Key Algorithm: rsaEncryption 812s Public-Key: (1024 bit) 812s Modulus: 812s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 812s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 812s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 812s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 812s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 812s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 812s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 812s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 812s af:6a:af:ef:e0:4b:e3:a2:99 812s Exponent: 65537 (0x10001) 812s X509v3 extensions: 812s X509v3 Authority Key Identifier: 812s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 812s X509v3 Basic Constraints: 812s CA:FALSE 812s Netscape Cert Type: 812s SSL Client, S/MIME 812s Netscape Comment: 812s Test Organization Root CA trusted Certificate 812s X509v3 Subject Key Identifier: 812s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 812s X509v3 Key Usage: critical 812s Digital Signature, Non Repudiation, Key Encipherment 812s X509v3 Extended Key Usage: 812s TLS Web Client Authentication, E-mail Protection 812s X509v3 Subject Alternative Name: 812s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 812s Signature Algorithm: sha256WithRSAEncryption 812s Signature Value: 812s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 812s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 812s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 812s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 812s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 812s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 812s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 812s eb:3d 812s + expected_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 812s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-21615.pem 812s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 812s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 812s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-21615-auth.output 812s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-21615-auth.output .output 812s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-21615-auth.pem 812s + echo -n 053350 812s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 812s [p11_child[2154]] [main] (0x0400): p11_child started. 812s [p11_child[2154]] [main] (0x2000): Running in [auth] mode. 812s [p11_child[2154]] [main] (0x2000): Running with effective IDs: [0][0]. 812s [p11_child[2154]] [main] (0x2000): Running with real IDs [0][0]. 812s [p11_child[2154]] [do_card] (0x4000): Module List: 812s [p11_child[2154]] [do_card] (0x4000): common name: [softhsm2]. 812s [p11_child[2154]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 812s [p11_child[2154]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 812s [p11_child[2154]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 812s [p11_child[2154]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 812s [p11_child[2154]] [do_card] (0x4000): Login required. 812s [p11_child[2154]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 812s [p11_child[2154]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 812s [p11_child[2154]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 812s [p11_child[2154]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 812s [p11_child[2154]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 812s [p11_child[2154]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 812s [p11_child[2154]] [do_card] (0x4000): Certificate verified and validated. 812s [p11_child[2154]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 812s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-21615-auth.output 812s + echo '-----BEGIN CERTIFICATE-----' 812s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-21615-auth.output 812s + echo '-----END CERTIFICATE-----' 812s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-21615-auth.pem 812s Certificate: 812s Data: 812s Version: 3 (0x2) 812s Serial Number: 3 (0x3) 812s Signature Algorithm: sha256WithRSAEncryption 812s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 812s Validity 812s Not Before: Mar 20 18:34:39 2024 GMT 812s Not After : Mar 20 18:34:39 2025 GMT 812s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 812s Subject Public Key Info: 812s Public Key Algorithm: rsaEncryption 812s Public-Key: (1024 bit) 812s Modulus: 812s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 812s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 812s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 812s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 812s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 812s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 812s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 812s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 812s af:6a:af:ef:e0:4b:e3:a2:99 812s Exponent: 65537 (0x10001) 812s X509v3 extensions: 812s X509v3 Authority Key Identifier: 812s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 812s X509v3 Basic Constraints: 812s CA:FALSE 812s Netscape Cert Type: 812s SSL Client, S/MIME 812s Netscape Comment: 812s Test Organization Root CA trusted Certificate 812s X509v3 Subject Key Identifier: 812s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 812s X509v3 Key Usage: critical 812s Digital Signature, Non Repudiation, Key Encipherment 812s X509v3 Extended Key Usage: 812s TLS Web Client Authentication, E-mail Protection 812s X509v3 Subject Alternative Name: 812s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 812s Signature Algorithm: sha256WithRSAEncryption 812s Signature Value: 812s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 812s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 812s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 812s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 812s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 812s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 812s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 812s eb:3d 812s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-21615-auth.pem 812s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 812s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 812s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem partial_chain 812s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem partial_chain 812s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 812s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 812s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 812s + local verify_option=partial_chain 812s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 812s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 812s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 812s + local key_cn 812s + local key_name 812s + local tokens_dir 812s + local output_cert_file 812s + token_name= 812s ++ basename /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem .pem 812s + key_name=test-root-CA-trusted-certificate-0001 812s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 812s ++ sed -n 's/ *commonName *= //p' 813s + key_cn='Test Organization Root Trusted Certificate 0001' 813s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 813s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 813s Test Organization Root Tr Token 813s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 813s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 813s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 813s + token_name='Test Organization Root Tr Token' 813s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 813s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 ']' 813s + echo 'Test Organization Root Tr Token' 813s + '[' -n partial_chain ']' 813s + local verify_arg=--verify=partial_chain 813s + local output_base_name=SSSD-child-23317 813s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-23317.output 813s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-23317.pem 813s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 813s [p11_child[2164]] [main] (0x0400): p11_child started. 813s [p11_child[2164]] [main] (0x2000): Running in [pre-auth] mode. 813s [p11_child[2164]] [main] (0x2000): Running with effective IDs: [0][0]. 813s [p11_child[2164]] [main] (0x2000): Running with real IDs [0][0]. 813s [p11_child[2164]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 813s [p11_child[2164]] [do_card] (0x4000): Module List: 813s [p11_child[2164]] [do_card] (0x4000): common name: [softhsm2]. 813s [p11_child[2164]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 813s [p11_child[2164]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 813s [p11_child[2164]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 813s [p11_child[2164]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 813s [p11_child[2164]] [do_card] (0x4000): Login NOT required. 813s [p11_child[2164]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 813s [p11_child[2164]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 813s [p11_child[2164]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 813s [p11_child[2164]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 813s [p11_child[2164]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 813s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-23317.output 813s + echo '-----BEGIN CERTIFICATE-----' 813s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-23317.output 813s + echo '-----END CERTIFICATE-----' 813s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-23317.pem 813s Certificate: 813s Data: 813s Version: 3 (0x2) 813s Serial Number: 3 (0x3) 813s Signature Algorithm: sha256WithRSAEncryption 813s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 813s Validity 813s Not Before: Mar 20 18:34:39 2024 GMT 813s Not After : Mar 20 18:34:39 2025 GMT 813s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 813s Subject Public Key Info: 813s Public Key Algorithm: rsaEncryption 813s Public-Key: (1024 bit) 813s Modulus: 813s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 813s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 813s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 813s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 813s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 813s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 813s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 813s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 813s af:6a:af:ef:e0:4b:e3:a2:99 813s Exponent: 65537 (0x10001) 813s X509v3 extensions: 813s X509v3 Authority Key Identifier: 813s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 813s X509v3 Basic Constraints: 813s CA:FALSE 813s Netscape Cert Type: 813s SSL Client, S/MIME 813s Netscape Comment: 813s Test Organization Root CA trusted Certificate 813s X509v3 Subject Key Identifier: 813s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 813s X509v3 Key Usage: critical 813s Digital Signature, Non Repudiation, Key Encipherment 813s X509v3 Extended Key Usage: 813s TLS Web Client Authentication, E-mail Protection 813s X509v3 Subject Alternative Name: 813s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 813s Signature Algorithm: sha256WithRSAEncryption 813s Signature Value: 813s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 813s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 813s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 813s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 813s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 813s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 813s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 813s eb:3d 813s + local found_md5 expected_md5 813s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 813s + expected_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 813s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-23317.pem 813s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 813s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 813s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-23317-auth.output 813s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-23317-auth.output .output 813s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-23317-auth.pem 813s + echo -n 053350 813s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 813s [p11_child[2172]] [main] (0x0400): p11_child started. 813s [p11_child[2172]] [main] (0x2000): Running in [auth] mode. 813s [p11_child[2172]] [main] (0x2000): Running with effective IDs: [0][0]. 813s [p11_child[2172]] [main] (0x2000): Running with real IDs [0][0]. 813s [p11_child[2172]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 813s [p11_child[2172]] [do_card] (0x4000): Module List: 813s [p11_child[2172]] [do_card] (0x4000): common name: [softhsm2]. 813s [p11_child[2172]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 813s [p11_child[2172]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 813s [p11_child[2172]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 813s [p11_child[2172]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 813s [p11_child[2172]] [do_card] (0x4000): Login required. 813s [p11_child[2172]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 813s [p11_child[2172]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 813s [p11_child[2172]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 813s [p11_child[2172]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 813s [p11_child[2172]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 813s [p11_child[2172]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 813s [p11_child[2172]] [do_card] (0x4000): Certificate verified and validated. 813s [p11_child[2172]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 813s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-23317-auth.output 813s + echo '-----BEGIN CERTIFICATE-----' 813s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-23317-auth.output 813s + echo '-----END CERTIFICATE-----' 813s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-23317-auth.pem 813s Certificate: 813s Data: 813s Version: 3 (0x2) 813s Serial Number: 3 (0x3) 813s Signature Algorithm: sha256WithRSAEncryption 813s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 813s Validity 813s Not Before: Mar 20 18:34:39 2024 GMT 813s Not After : Mar 20 18:34:39 2025 GMT 813s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 813s Subject Public Key Info: 813s Public Key Algorithm: rsaEncryption 813s Public-Key: (1024 bit) 813s Modulus: 813s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 813s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 813s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 813s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 813s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 813s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 813s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 813s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 813s af:6a:af:ef:e0:4b:e3:a2:99 813s Exponent: 65537 (0x10001) 813s X509v3 extensions: 813s X509v3 Authority Key Identifier: 813s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 813s X509v3 Basic Constraints: 813s CA:FALSE 813s Netscape Cert Type: 813s SSL Client, S/MIME 813s Netscape Comment: 813s Test Organization Root CA trusted Certificate 813s X509v3 Subject Key Identifier: 813s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 813s X509v3 Key Usage: critical 813s Digital Signature, Non Repudiation, Key Encipherment 813s X509v3 Extended Key Usage: 813s TLS Web Client Authentication, E-mail Protection 813s X509v3 Subject Alternative Name: 813s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 813s Signature Algorithm: sha256WithRSAEncryption 813s Signature Value: 813s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 813s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 813s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 813s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 813s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 813s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 813s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 813s eb:3d 813s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-23317-auth.pem 813s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 813s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 813s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 813s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 813s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 813s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 813s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 813s + local verify_option= 813s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 813s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 813s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 813s + local key_cn 813s + local key_name 813s + local tokens_dir 813s + local output_cert_file 813s + token_name= 813s ++ basename /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem .pem 813s + key_name=test-root-CA-trusted-certificate-0001 813s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 813s ++ sed -n 's/ *commonName *= //p' 813s + key_cn='Test Organization Root Trusted Certificate 0001' 813s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 813s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 813s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 813s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 813s Test Organization Root Tr Token 813s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 813s + token_name='Test Organization Root Tr Token' 813s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 813s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 ']' 813s + echo 'Test Organization Root Tr Token' 813s + '[' -n '' ']' 813s + local output_base_name=SSSD-child-24809 813s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-24809.output 813s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-24809.pem 813s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 813s [p11_child[2182]] [main] (0x0400): p11_child started. 813s [p11_child[2182]] [main] (0x2000): Running in [pre-auth] mode. 813s [p11_child[2182]] [main] (0x2000): Running with effective IDs: [0][0]. 813s [p11_child[2182]] [main] (0x2000): Running with real IDs [0][0]. 813s [p11_child[2182]] [do_card] (0x4000): Module List: 813s [p11_child[2182]] [do_card] (0x4000): common name: [softhsm2]. 813s [p11_child[2182]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 813s [p11_child[2182]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 813s [p11_child[2182]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 813s [p11_child[2182]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 813s [p11_child[2182]] [do_card] (0x4000): Login NOT required. 813s [p11_child[2182]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 813s [p11_child[2182]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 813s [p11_child[2182]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 813s [p11_child[2182]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 813s [p11_child[2182]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 813s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-24809.output 813s + echo '-----BEGIN CERTIFICATE-----' 813s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-24809.output 813s + echo '-----END CERTIFICATE-----' 813s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-24809.pem 813s Certificate: 813s Data: 813s Version: 3 (0x2) 813s Serial Number: 3 (0x3) 813s Signature Algorithm: sha256WithRSAEncryption 813s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 813s Validity 813s Not Before: Mar 20 18:34:39 2024 GMT 813s Not After : Mar 20 18:34:39 2025 GMT 813s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 813s Subject Public Key Info: 813s Public Key Algorithm: rsaEncryption 813s Public-Key: (1024 bit) 813s Modulus: 813s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 813s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 813s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 813s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 813s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 813s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 813s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 813s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 813s af:6a:af:ef:e0:4b:e3:a2:99 813s Exponent: 65537 (0x10001) 813s X509v3 extensions: 813s X509v3 Authority Key Identifier: 813s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 813s X509v3 Basic Constraints: 813s CA:FALSE 813s Netscape Cert Type: 813s SSL Client, S/MIME 813s Netscape Comment: 813s Test Organization Root CA trusted Certificate 813s X509v3 Subject Key Identifier: 813s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 813s X509v3 Key Usage: critical 813s Digital Signature, Non Repudiation, Key Encipherment 813s X509v3 Extended Key Usage: 813s TLS Web Client Authentication, E-mail Protection 813s X509v3 Subject Alternative Name: 813s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 813s Signature Algorithm: sha256WithRSAEncryption 813s Signature Value: 813s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 813s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 813s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 813s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 813s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 813s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 813s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 813s eb:3d 813s + local found_md5 expected_md5 813s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 813s + expected_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 813s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-24809.pem 813s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 813s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 813s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-24809-auth.output 813s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-24809-auth.output .output 813s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-24809-auth.pem 813s + echo -n 053350 813s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 813s [p11_child[2190]] [main] (0x0400): p11_child started. 813s [p11_child[2190]] [main] (0x2000): Running in [auth] mode. 813s [p11_child[2190]] [main] (0x2000): Running with effective IDs: [0][0]. 813s [p11_child[2190]] [main] (0x2000): Running with real IDs [0][0]. 813s [p11_child[2190]] [do_card] (0x4000): Module List: 813s [p11_child[2190]] [do_card] (0x4000): common name: [softhsm2]. 813s [p11_child[2190]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 813s [p11_child[2190]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 813s [p11_child[2190]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 813s [p11_child[2190]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 813s [p11_child[2190]] [do_card] (0x4000): Login required. 813s [p11_child[2190]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 813s [p11_child[2190]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 813s [p11_child[2190]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 813s Certificate: 813s Data: 813s Version: 3 (0x2) 813s Serial Number: 3 (0x3) 813s Signature Algorithm: sha256WithRSAEncryption 813s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 813s Validity 813s Not Before: Mar 20 18:34:39 2024 GMT 813s Not After : Mar 20 18:34:39 2025 GMT 813s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 813s Subject Public Key Info: 813s Public Key Algorithm: rsaEncryption 813s Public-Key: (1024 bit) 813s Modulus: 813s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 813s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 813s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 813s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 813s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 813s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 813s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 813s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 813s af:6a:af:ef:e0:4b:e3:a2:99 813s Exponent: 65537 (0x10001) 813s X509v3 extensions: 813s X509v3 Authority Key Identifier: 813s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 813s X509v3 Basic Constraints: 813s CA:FALSE 813s Netscape Cert Type: 813s SSL Client, S/MIME 813s Netscape Comment: 813s Test Organization Root CA trusted Certificate 813s X509v3 Subject Key Identifier: 813s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 813s X509v3 Key Usage: critical 813s Digital Signature, Non Repudiation, Key Encipherment 813s X509v3 Extended Key Usage: 813s TLS Web Client Authentication, E-mail Protection 813s X509v3 Subject Alternative Name: 813s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 813s Signature Algorithm: sha256WithRSAEncryption 813s Signature Value: 813s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 813s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 813s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 813s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 813s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 813s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 813s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 813s eb:3d 813s [p11_child[2190]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 813s [p11_child[2190]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 813s [p11_child[2190]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 813s [p11_child[2190]] [do_card] (0x4000): Certificate verified and validated. 813s [p11_child[2190]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 813s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-24809-auth.output 813s + echo '-----BEGIN CERTIFICATE-----' 813s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-24809-auth.output 813s + echo '-----END CERTIFICATE-----' 813s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-24809-auth.pem 813s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-24809-auth.pem 813s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 813s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 813s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem partial_chain 813s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem partial_chain 813s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 813s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 813s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 813s + local verify_option=partial_chain 813s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 813s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 813s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 813s + local key_cn 813s + local key_name 813s + local tokens_dir 813s + local output_cert_file 813s + token_name= 813s ++ basename /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem .pem 814s + key_name=test-root-CA-trusted-certificate-0001 814s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 814s ++ sed -n 's/ *commonName *= //p' 814s + key_cn='Test Organization Root Trusted Certificate 0001' 814s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 814s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 814s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 814s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 814s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 814s + token_name='Test Organization Root Tr Token' 814s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 814s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 ']' 814s Test Organization Root Tr Token 814s + echo 'Test Organization Root Tr Token' 814s + '[' -n partial_chain ']' 814s + local verify_arg=--verify=partial_chain 814s + local output_base_name=SSSD-child-19519 814s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-19519.output 814s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-19519.pem 814s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 814s [p11_child[2200]] [main] (0x0400): p11_child started. 814s [p11_child[2200]] [main] (0x2000): Running in [pre-auth] mode. 814s [p11_child[2200]] [main] (0x2000): Running with effective IDs: [0][0]. 814s [p11_child[2200]] [main] (0x2000): Running with real IDs [0][0]. 814s [p11_child[2200]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 814s [p11_child[2200]] [do_card] (0x4000): Module List: 814s [p11_child[2200]] [do_card] (0x4000): common name: [softhsm2]. 814s [p11_child[2200]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 814s [p11_child[2200]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 814s [p11_child[2200]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 814s [p11_child[2200]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 814s [p11_child[2200]] [do_card] (0x4000): Login NOT required. 814s [p11_child[2200]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 814s [p11_child[2200]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 814s [p11_child[2200]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Root Tr Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 814s [p11_child[2200]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 814s [p11_child[2200]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 814s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-19519.output 814s + echo '-----BEGIN CERTIFICATE-----' 814s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-19519.output 814s + echo '-----END CERTIFICATE-----' 814s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-19519.pem 814s Certificate: 814s Data: 814s Version: 3 (0x2) 814s Serial Number: 3 (0x3) 814s Signature Algorithm: sha256WithRSAEncryption 814s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 814s Validity 814s Not Before: Mar 20 18:34:39 2024 GMT 814s Not After : Mar 20 18:34:39 2025 GMT 814s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 814s Subject Public Key Info: 814s Public Key Algorithm: rsaEncryption 814s Public-Key: (1024 bit) 814s Modulus: 814s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 814s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 814s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 814s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 814s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 814s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 814s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 814s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 814s af:6a:af:ef:e0:4b:e3:a2:99 814s Exponent: 65537 (0x10001) 814s X509v3 extensions: 814s X509v3 Authority Key Identifier: 814s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 814s X509v3 Basic Constraints: 814s CA:FALSE 814s Netscape Cert Type: 814s SSL Client, S/MIME 814s Netscape Comment: 814s Test Organization Root CA trusted Certificate 814s X509v3 Subject Key Identifier: 814s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 814s X509v3 Key Usage: critical 814s Digital Signature, Non Repudiation, Key Encipherment 814s X509v3 Extended Key Usage: 814s TLS Web Client Authentication, E-mail Protection 814s X509v3 Subject Alternative Name: 814s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 814s Signature Algorithm: sha256WithRSAEncryption 814s Signature Value: 814s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 814s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 814s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 814s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 814s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 814s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 814s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 814s eb:3d 814s + local found_md5 expected_md5 814s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 814s + expected_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 814s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-19519.pem 814s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 814s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 814s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-19519-auth.output 814s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-19519-auth.output .output 814s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-19519-auth.pem 814s + echo -n 053350 814s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Root Tr Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 814s [p11_child[2208]] [main] (0x0400): p11_child started. 814s [p11_child[2208]] [main] (0x2000): Running in [auth] mode. 814s [p11_child[2208]] [main] (0x2000): Running with effective IDs: [0][0]. 814s [p11_child[2208]] [main] (0x2000): Running with real IDs [0][0]. 814s [p11_child[2208]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 814s [p11_child[2208]] [do_card] (0x4000): Module List: 814s [p11_child[2208]] [do_card] (0x4000): common name: [softhsm2]. 814s [p11_child[2208]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 814s [p11_child[2208]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 814s [p11_child[2208]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 814s [p11_child[2208]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 814s [p11_child[2208]] [do_card] (0x4000): Login required. 814s [p11_child[2208]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 814s [p11_child[2208]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 814s [p11_child[2208]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Root Tr Token Test Organization Root Tr Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 814s [p11_child[2208]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x6b0fd98;slot-manufacturer=SoftHSM%20project;slot-id=112262552;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=33461f1a86b0fd98;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 814s [p11_child[2208]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 814s [p11_child[2208]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 814s [p11_child[2208]] [do_card] (0x4000): Certificate verified and validated. 814s [p11_child[2208]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 814s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-19519-auth.output 814s + echo '-----BEGIN CERTIFICATE-----' 814s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-19519-auth.output 814s + echo '-----END CERTIFICATE-----' 814s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-19519-auth.pem 814s Certificate: 814s Data: 814s Version: 3 (0x2) 814s Serial Number: 3 (0x3) 814s Signature Algorithm: sha256WithRSAEncryption 814s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 814s Validity 814s Not Before: Mar 20 18:34:39 2024 GMT 814s Not After : Mar 20 18:34:39 2025 GMT 814s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 814s Subject Public Key Info: 814s Public Key Algorithm: rsaEncryption 814s Public-Key: (1024 bit) 814s Modulus: 814s 00:aa:2e:18:43:63:fe:60:6b:83:d3:38:5b:59:f5: 814s e2:7a:64:f0:06:d5:f9:e7:e3:fe:cd:cf:18:02:c0: 814s 31:74:13:45:19:74:f0:9b:e9:f2:67:d0:4f:89:01: 814s b6:d5:f3:9c:98:c6:61:e3:0d:68:a4:89:ba:60:f4: 814s 86:c6:77:81:40:05:e0:cd:cb:71:9e:3e:51:60:03: 814s 0b:f2:a7:3e:7f:4b:a0:5d:93:cd:47:85:03:c3:d1: 814s 37:2c:6b:75:bb:44:81:4a:de:b2:1b:20:26:0c:03: 814s da:d7:44:74:30:56:99:ac:a8:74:a6:7c:33:9b:8e: 814s af:6a:af:ef:e0:4b:e3:a2:99 814s Exponent: 65537 (0x10001) 814s X509v3 extensions: 814s X509v3 Authority Key Identifier: 814s 0B:E3:CD:1B:0A:4B:1C:68:AB:E1:F4:1D:66:CE:C5:AF:55:55:99:BB 814s X509v3 Basic Constraints: 814s CA:FALSE 814s Netscape Cert Type: 814s SSL Client, S/MIME 814s Netscape Comment: 814s Test Organization Root CA trusted Certificate 814s X509v3 Subject Key Identifier: 814s 40:D7:1F:2F:DD:14:E8:44:F7:F4:6A:E8:AC:6F:56:7A:6A:9B:61:B6 814s X509v3 Key Usage: critical 814s Digital Signature, Non Repudiation, Key Encipherment 814s X509v3 Extended Key Usage: 814s TLS Web Client Authentication, E-mail Protection 814s X509v3 Subject Alternative Name: 814s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 814s Signature Algorithm: sha256WithRSAEncryption 814s Signature Value: 814s 5d:1b:80:89:47:8d:63:dc:63:e2:1b:b1:ac:4f:eb:a3:8d:57: 814s 17:67:41:29:9a:33:a0:55:c0:df:e5:e2:2b:06:29:48:eb:99: 814s 5e:19:df:21:f6:c8:3f:ef:aa:fa:b2:bb:df:d0:b8:89:8b:87: 814s c4:30:c5:9e:bc:61:00:a9:c1:26:ff:c2:48:01:7d:f3:1b:74: 814s 9c:42:ee:a9:ed:39:16:87:84:c7:61:0c:2b:51:23:f6:69:cf: 814s af:0d:8d:c2:41:b9:ad:f6:ef:88:86:08:49:97:70:29:08:6c: 814s a4:2c:4d:6b:21:75:7e:ce:40:04:99:dc:91:17:76:ed:b0:7b: 814s eb:3d 814s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-19519-auth.pem 814s + found_md5=Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 814s + '[' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 '!=' Modulus=AA2E184363FE606B83D3385B59F5E27A64F006D5F9E7E3FECDCF1802C0317413451974F09BE9F267D04F8901B6D5F39C98C661E30D68A489BA60F486C677814005E0CDCB719E3E5160030BF2A73E7F4BA05D93CD478503C3D1372C6B75BB44814ADEB21B20260C03DAD74474305699ACA874A67C339B8EAF6AAFEFE04BE3A299 ']' 814s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 814s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 814s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 814s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 814s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 814s + local verify_option= 814s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 814s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 814s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 814s + local key_cn 814s + local key_name 814s + local tokens_dir 814s + local output_cert_file 814s + token_name= 814s ++ basename /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem .pem 814s + key_name=test-root-CA-trusted-certificate-0001 814s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 814s ++ sed -n 's/ *commonName *= //p' 814s + key_cn='Test Organization Root Trusted Certificate 0001' 814s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 814s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 814s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 814s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 814s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 814s + token_name='Test Organization Root Tr Token' 814s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 814s Test Organization Root Tr Token 814s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 ']' 814s + echo 'Test Organization Root Tr Token' 814s + '[' -n '' ']' 814s + local output_base_name=SSSD-child-14180 814s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-14180.output 814s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-14180.pem 814s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 814s [p11_child[2218]] [main] (0x0400): p11_child started. 814s [p11_child[2218]] [main] (0x2000): Running in [pre-auth] mode. 814s [p11_child[2218]] [main] (0x2000): Running with effective IDs: [0][0]. 814s [p11_child[2218]] [main] (0x2000): Running with real IDs [0][0]. 814s [p11_child[2218]] [do_card] (0x4000): Module List: 814s [p11_child[2218]] [do_card] (0x4000): common name: [softhsm2]. 814s [p11_child[2218]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 814s [p11_child[2218]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 814s [p11_child[2218]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 814s [p11_child[2218]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 814s [p11_child[2218]] [do_card] (0x4000): Login NOT required. 814s [p11_child[2218]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 814s [p11_child[2218]] [do_verification] (0x0040): X509_verify_cert failed [0]. 814s [p11_child[2218]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 814s [p11_child[2218]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 814s [p11_child[2218]] [do_card] (0x4000): No certificate found. 814s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-14180.output 814s + return 2 814s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem partial_chain 814s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem partial_chain 814s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 814s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 814s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 814s + local verify_option=partial_chain 814s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-24312 814s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 814s + local key_pass=pass:random-root-ca-trusted-cert-0001-24312 814s + local key_cn 814s + local key_name 814s + local tokens_dir 814s + local output_cert_file 814s + token_name= 814s ++ basename /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem .pem 814s + key_name=test-root-CA-trusted-certificate-0001 814s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-root-CA-trusted-certificate-0001.pem 814s ++ sed -n 's/ *commonName *= //p' 814s + key_cn='Test Organization Root Trusted Certificate 0001' 814s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 814s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 814s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf 814s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 814s Test Organization Root Tr Token 814s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 814s + token_name='Test Organization Root Tr Token' 814s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 814s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-root-CA-trusted-certificate-0001 ']' 814s + echo 'Test Organization Root Tr Token' 814s + '[' -n partial_chain ']' 814s + local verify_arg=--verify=partial_chain 814s + local output_base_name=SSSD-child-25445 814s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-25445.output 814s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-25445.pem 814s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 814s [p11_child[2225]] [main] (0x0400): p11_child started. 814s [p11_child[2225]] [main] (0x2000): Running in [pre-auth] mode. 814s [p11_child[2225]] [main] (0x2000): Running with effective IDs: [0][0]. 814s [p11_child[2225]] [main] (0x2000): Running with real IDs [0][0]. 814s [p11_child[2225]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 814s [p11_child[2225]] [do_card] (0x4000): Module List: 814s [p11_child[2225]] [do_card] (0x4000): common name: [softhsm2]. 814s [p11_child[2225]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 814s [p11_child[2225]] [do_card] (0x4000): Description [SoftHSM slot ID 0x6b0fd98] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 814s [p11_child[2225]] [do_card] (0x4000): Token label [Test Organization Root Tr Token]. 814s [p11_child[2225]] [do_card] (0x4000): Found [Test Organization Root Tr Token] in slot [SoftHSM slot ID 0x6b0fd98][112262552] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 814s [p11_child[2225]] [do_card] (0x4000): Login NOT required. 814s [p11_child[2225]] [read_certs] (0x4000): found cert[Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] 814s [p11_child[2225]] [do_verification] (0x0040): X509_verify_cert failed [0]. 814s [p11_child[2225]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 814s [p11_child[2225]] [read_certs] (0x0040): Certificate [Test Organization Root Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root Trusted Certificate 0001] not valid, skipping. 814s [p11_child[2225]] [do_card] (0x4000): No certificate found. 814s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-25445.output 814s + return 2 814s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /dev/null 814s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /dev/null 814s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 814s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 814s + local key_ring=/dev/null 814s + local verify_option= 814s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 814s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 814s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 814s + local key_cn 814s + local key_name 814s + local tokens_dir 814s + local output_cert_file 814s + token_name= 814s ++ basename /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem .pem 814s + key_name=test-intermediate-CA-trusted-certificate-0001 814s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 814s ++ sed -n 's/ *commonName *= //p' 814s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 814s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 814s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 814s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 814s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 814s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 814s + token_name='Test Organization Interme Token' 814s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 814s + local key_file 814s + local decrypted_key 814s + mkdir -p /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 814s + key_file=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-key.pem 814s + decrypted_key=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 814s + cat 814s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 053350 --so-pin 053350 --free 814s Slot 0 has a free/uninitialized token. 814s The token has been initialized and is reassigned to slot 836813055 814s + softhsm2-util --show-slots 814s Available slots: 814s Slot 836813055 814s Slot info: 814s Description: SoftHSM slot ID 0x31e0c0ff 814s Manufacturer ID: SoftHSM project 814s Hardware version: 2.6 814s Firmware version: 2.6 814s Token present: yes 814s Token info: 814s Manufacturer ID: SoftHSM project 814s Model: SoftHSM v2 814s Hardware version: 2.6 814s Firmware version: 2.6 814s Serial number: bab0050bb1e0c0ff 814s Initialized: yes 814s User PIN init.: yes 814s Label: Test Organization Interme Token 814s Slot 1 814s Slot info: 814s Description: SoftHSM slot ID 0x1 814s Manufacturer ID: SoftHSM project 814s Hardware version: 2.6 814s Firmware version: 2.6 814s Token present: yes 814s Token info: 814s Manufacturer ID: SoftHSM project 814s Model: SoftHSM v2 814s Hardware version: 2.6 814s Firmware version: 2.6 814s Serial number: 814s Initialized: no 814s User PIN init.: no 814s Label: 814s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 814s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-4094 -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 814s writing RSA key 814s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 814s + rm /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 814s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 814s Object 0: 814s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bab0050bb1e0c0ff;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 814s Type: X.509 Certificate (RSA-1024) 814s Expires: Thu Mar 20 18:34:39 2025 814s Label: Test Organization Intermediate Trusted Certificate 0001 814s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 814s 814s Test Organization Interme Token 814s + echo 'Test Organization Interme Token' 814s + '[' -n '' ']' 814s + local output_base_name=SSSD-child-14989 814s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-14989.output 814s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-14989.pem 814s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/dev/null 814s [p11_child[2241]] [main] (0x0400): p11_child started. 814s [p11_child[2241]] [main] (0x2000): Running in [pre-auth] mode. 814s [p11_child[2241]] [main] (0x2000): Running with effective IDs: [0][0]. 814s [p11_child[2241]] [main] (0x2000): Running with real IDs [0][0]. 814s [p11_child[2241]] [init_verification] (0x0040): X509_LOOKUP_load_file [/dev/null] failed [92274824][error:05800088:x509 certificate routines::no certificate or crl found]. 814s [p11_child[2241]] [do_work] (0x0040): init_verification failed. 814s [p11_child[2241]] [main] (0x0020): p11_child failed (5) 814s + return 2 814s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /dev/null no_verification 814s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /dev/null no_verification 814s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 814s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 814s + local key_ring=/dev/null 814s + local verify_option=no_verification 814s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 814s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 814s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 814s + local key_cn 814s + local key_name 814s + local tokens_dir 814s + local output_cert_file 814s + token_name= 814s ++ basename /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem .pem 814s + key_name=test-intermediate-CA-trusted-certificate-0001 814s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 814s ++ sed -n 's/ *commonName *= //p' 814s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 814s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 814s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 814s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 814s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 814s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 814s + token_name='Test Organization Interme Token' 814s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 814s Test Organization Interme Token 814s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 814s + echo 'Test Organization Interme Token' 814s + '[' -n no_verification ']' 814s + local verify_arg=--verify=no_verification 814s + local output_base_name=SSSD-child-1682 814s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-1682.output 814s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-1682.pem 814s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=no_verification --ca_db=/dev/null 815s [p11_child[2247]] [main] (0x0400): p11_child started. 815s [p11_child[2247]] [main] (0x2000): Running in [pre-auth] mode. 815s [p11_child[2247]] [main] (0x2000): Running with effective IDs: [0][0]. 815s [p11_child[2247]] [main] (0x2000): Running with real IDs [0][0]. 815s [p11_child[2247]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 815s [p11_child[2247]] [do_card] (0x4000): Module List: 815s [p11_child[2247]] [do_card] (0x4000): common name: [softhsm2]. 815s [p11_child[2247]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2247]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 815s [p11_child[2247]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 815s [p11_child[2247]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2247]] [do_card] (0x4000): Login NOT required. 815s [p11_child[2247]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 815s [p11_child[2247]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 815s [p11_child[2247]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x31e0c0ff;slot-manufacturer=SoftHSM%20project;slot-id=836813055;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bab0050bb1e0c0ff;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 815s [p11_child[2247]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 815s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-1682.output 815s + echo '-----BEGIN CERTIFICATE-----' 815s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-1682.output 815s + echo '-----END CERTIFICATE-----' 815s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-1682.pem 815s Certificate: 815s Data: 815s Version: 3 (0x2) 815s Serial Number: 4 (0x4) 815s Signature Algorithm: sha256WithRSAEncryption 815s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 815s Validity 815s Not Before: Mar 20 18:34:39 2024 GMT 815s Not After : Mar 20 18:34:39 2025 GMT 815s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 815s Subject Public Key Info: 815s Public Key Algorithm: rsaEncryption 815s Public-Key: (1024 bit) 815s Modulus: 815s 00:be:b3:5a:37:d7:96:1b:56:0d:59:0f:44:5a:bb: 815s e1:92:17:7d:15:01:9f:03:db:ea:13:0e:f9:39:3b: 815s a3:a8:8b:d9:20:50:98:0a:09:f1:fc:85:86:be:8e: 815s be:cd:41:24:18:a8:34:6f:8b:55:f7:61:1e:49:63: 815s 72:92:3c:17:7f:3e:1b:9e:a3:7c:40:1d:78:96:a9: 815s 91:34:d5:aa:0b:f4:c1:f9:99:8e:b8:77:b8:10:9a: 815s b5:2a:42:d7:6f:85:61:1d:e1:e4:8e:d6:70:b3:b3: 815s c3:b3:c9:4b:bd:66:c0:94:92:5b:1d:a3:c8:59:dd: 815s 9f:f0:cc:1d:c4:91:e2:a7:1b 815s Exponent: 65537 (0x10001) 815s X509v3 extensions: 815s X509v3 Authority Key Identifier: 815s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 815s X509v3 Basic Constraints: 815s CA:FALSE 815s Netscape Cert Type: 815s SSL Client, S/MIME 815s Netscape Comment: 815s Test Organization Intermediate CA trusted Certificate 815s X509v3 Subject Key Identifier: 815s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 815s X509v3 Key Usage: critical 815s Digital Signature, Non Repudiation, Key Encipherment 815s X509v3 Extended Key Usage: 815s TLS Web Client Authentication, E-mail Protection 815s X509v3 Subject Alternative Name: 815s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 815s Signature Algorithm: sha256WithRSAEncryption 815s Signature Value: 815s 0d:f4:7f:ca:9e:ac:24:f4:3a:db:ba:9e:c7:78:6a:95:81:3e: 815s 9d:88:60:c8:78:87:40:c7:d7:28:83:de:34:83:a6:24:e5:01: 815s c5:e1:4b:b0:eb:2e:b1:78:c4:6e:8a:c7:19:d4:28:3b:9c:1f: 815s c9:49:a9:c0:8f:65:29:29:3e:80:6d:bc:ce:e0:37:cb:67:1d: 815s 60:12:62:82:ee:45:46:77:a3:da:3c:73:80:23:e0:a4:67:db: 815s 1e:f0:67:c1:7e:9f:19:c3:c3:80:97:de:05:a6:e2:31:dd:23: 815s 82:8d:c0:26:76:fa:43:46:96:28:00:00:66:83:b8:e5:d0:b5: 815s be:6d 815s + local found_md5 expected_md5 815s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s + expected_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 815s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-1682.pem 815s + found_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 815s + '[' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B '!=' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B ']' 815s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-1682-auth.output 815s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-1682-auth.output .output 815s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-1682-auth.pem 815s + echo -n 053350 815s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/dev/null --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=no_verification --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 815s [p11_child[2255]] [main] (0x0400): p11_child started. 815s [p11_child[2255]] [main] (0x2000): Running in [auth] mode. 815s [p11_child[2255]] [main] (0x2000): Running with effective IDs: [0][0]. 815s [p11_child[2255]] [main] (0x2000): Running with real IDs [0][0]. 815s [p11_child[2255]] [parse_cert_verify_opts] (0x0020): Found 'no_verification' option, disabling verification completely. This should not be used in production. 815s [p11_child[2255]] [do_card] (0x4000): Module List: 815s [p11_child[2255]] [do_card] (0x4000): common name: [softhsm2]. 815s [p11_child[2255]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2255]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 815s [p11_child[2255]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 815s [p11_child[2255]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2255]] [do_card] (0x4000): Login required. 815s [p11_child[2255]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 815s [p11_child[2255]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 815s [p11_child[2255]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x31e0c0ff;slot-manufacturer=SoftHSM%20project;slot-id=836813055;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bab0050bb1e0c0ff;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 815s [p11_child[2255]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 815s [p11_child[2255]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 815s [p11_child[2255]] [do_card] (0x4000): Certificate verified and validated. 815s [p11_child[2255]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 815s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-1682-auth.output 815s + echo '-----BEGIN CERTIFICATE-----' 815s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-1682-auth.output 815s + echo '-----END CERTIFICATE-----' 815s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-1682-auth.pem 815s Certificate: 815s Data: 815s Version: 3 (0x2) 815s Serial Number: 4 (0x4) 815s Signature Algorithm: sha256WithRSAEncryption 815s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 815s Validity 815s Not Before: Mar 20 18:34:39 2024 GMT 815s Not After : Mar 20 18:34:39 2025 GMT 815s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 815s Subject Public Key Info: 815s Public Key Algorithm: rsaEncryption 815s Public-Key: (1024 bit) 815s Modulus: 815s 00:be:b3:5a:37:d7:96:1b:56:0d:59:0f:44:5a:bb: 815s e1:92:17:7d:15:01:9f:03:db:ea:13:0e:f9:39:3b: 815s a3:a8:8b:d9:20:50:98:0a:09:f1:fc:85:86:be:8e: 815s be:cd:41:24:18:a8:34:6f:8b:55:f7:61:1e:49:63: 815s 72:92:3c:17:7f:3e:1b:9e:a3:7c:40:1d:78:96:a9: 815s 91:34:d5:aa:0b:f4:c1:f9:99:8e:b8:77:b8:10:9a: 815s b5:2a:42:d7:6f:85:61:1d:e1:e4:8e:d6:70:b3:b3: 815s c3:b3:c9:4b:bd:66:c0:94:92:5b:1d:a3:c8:59:dd: 815s 9f:f0:cc:1d:c4:91:e2:a7:1b 815s Exponent: 65537 (0x10001) 815s X509v3 extensions: 815s X509v3 Authority Key Identifier: 815s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 815s X509v3 Basic Constraints: 815s CA:FALSE 815s Netscape Cert Type: 815s SSL Client, S/MIME 815s Netscape Comment: 815s Test Organization Intermediate CA trusted Certificate 815s X509v3 Subject Key Identifier: 815s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 815s X509v3 Key Usage: critical 815s Digital Signature, Non Repudiation, Key Encipherment 815s X509v3 Extended Key Usage: 815s TLS Web Client Authentication, E-mail Protection 815s X509v3 Subject Alternative Name: 815s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 815s Signature Algorithm: sha256WithRSAEncryption 815s Signature Value: 815s 0d:f4:7f:ca:9e:ac:24:f4:3a:db:ba:9e:c7:78:6a:95:81:3e: 815s 9d:88:60:c8:78:87:40:c7:d7:28:83:de:34:83:a6:24:e5:01: 815s c5:e1:4b:b0:eb:2e:b1:78:c4:6e:8a:c7:19:d4:28:3b:9c:1f: 815s c9:49:a9:c0:8f:65:29:29:3e:80:6d:bc:ce:e0:37:cb:67:1d: 815s 60:12:62:82:ee:45:46:77:a3:da:3c:73:80:23:e0:a4:67:db: 815s 1e:f0:67:c1:7e:9f:19:c3:c3:80:97:de:05:a6:e2:31:dd:23: 815s 82:8d:c0:26:76:fa:43:46:96:28:00:00:66:83:b8:e5:d0:b5: 815s be:6d 815s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-1682-auth.pem 815s + found_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 815s + '[' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B '!=' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B ']' 815s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 815s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 815s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 815s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 815s + local verify_option= 815s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 815s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 815s + local key_cn 815s + local key_name 815s + local tokens_dir 815s + local output_cert_file 815s + token_name= 815s ++ basename /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem .pem 815s + key_name=test-intermediate-CA-trusted-certificate-0001 815s ++ sed -n 's/ *commonName *= //p' 815s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 815s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 815s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 815s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 815s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 815s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 815s + token_name='Test Organization Interme Token' 815s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 815s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 815s + echo 'Test Organization Interme Token' 815s Test Organization Interme Token 815s + '[' -n '' ']' 815s + local output_base_name=SSSD-child-28416 815s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-28416.output 815s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-28416.pem 815s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 815s [p11_child[2265]] [main] (0x0400): p11_child started. 815s [p11_child[2265]] [main] (0x2000): Running in [pre-auth] mode. 815s [p11_child[2265]] [main] (0x2000): Running with effective IDs: [0][0]. 815s [p11_child[2265]] [main] (0x2000): Running with real IDs [0][0]. 815s [p11_child[2265]] [do_card] (0x4000): Module List: 815s [p11_child[2265]] [do_card] (0x4000): common name: [softhsm2]. 815s [p11_child[2265]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2265]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 815s [p11_child[2265]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 815s [p11_child[2265]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2265]] [do_card] (0x4000): Login NOT required. 815s [p11_child[2265]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 815s [p11_child[2265]] [do_verification] (0x0040): X509_verify_cert failed [0]. 815s [p11_child[2265]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 815s [p11_child[2265]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 815s [p11_child[2265]] [do_card] (0x4000): No certificate found. 815s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-28416.output 815s + return 2 815s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem partial_chain 815s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem partial_chain 815s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 815s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 815s + local verify_option=partial_chain 815s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 815s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 815s + local key_cn 815s + local key_name 815s + local tokens_dir 815s + local output_cert_file 815s + token_name= 815s ++ basename /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem .pem 815s + key_name=test-intermediate-CA-trusted-certificate-0001 815s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s ++ sed -n 's/ *commonName *= //p' 815s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 815s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 815s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 815s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 815s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 815s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 815s + token_name='Test Organization Interme Token' 815s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 815s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 815s + echo 'Test Organization Interme Token' 815s Test Organization Interme Token 815s + '[' -n partial_chain ']' 815s + local verify_arg=--verify=partial_chain 815s + local output_base_name=SSSD-child-5787 815s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-5787.output 815s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-5787.pem 815s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 815s [p11_child[2272]] [main] (0x0400): p11_child started. 815s [p11_child[2272]] [main] (0x2000): Running in [pre-auth] mode. 815s [p11_child[2272]] [main] (0x2000): Running with effective IDs: [0][0]. 815s [p11_child[2272]] [main] (0x2000): Running with real IDs [0][0]. 815s [p11_child[2272]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 815s [p11_child[2272]] [do_card] (0x4000): Module List: 815s [p11_child[2272]] [do_card] (0x4000): common name: [softhsm2]. 815s [p11_child[2272]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2272]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 815s [p11_child[2272]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 815s [p11_child[2272]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2272]] [do_card] (0x4000): Login NOT required. 815s [p11_child[2272]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 815s [p11_child[2272]] [do_verification] (0x0040): X509_verify_cert failed [0]. 815s [p11_child[2272]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 815s [p11_child[2272]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 815s [p11_child[2272]] [do_card] (0x4000): No certificate found. 815s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-5787.output 815s + return 2 815s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 815s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 815s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 815s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 815s + local verify_option= 815s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 815s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 815s + local key_cn 815s + local key_name 815s + local tokens_dir 815s + local output_cert_file 815s + token_name= 815s ++ basename /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem .pem 815s + key_name=test-intermediate-CA-trusted-certificate-0001 815s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s ++ sed -n 's/ *commonName *= //p' 815s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 815s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 815s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 815s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 815s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 815s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 815s + token_name='Test Organization Interme Token' 815s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 815s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 815s + echo 'Test Organization Interme Token' 815s Test Organization Interme Token 815s + '[' -n '' ']' 815s + local output_base_name=SSSD-child-22852 815s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-22852.output 815s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-22852.pem 815s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 815s [p11_child[2279]] [main] (0x0400): p11_child started. 815s [p11_child[2279]] [main] (0x2000): Running in [pre-auth] mode. 815s [p11_child[2279]] [main] (0x2000): Running with effective IDs: [0][0]. 815s [p11_child[2279]] [main] (0x2000): Running with real IDs [0][0]. 815s [p11_child[2279]] [do_card] (0x4000): Module List: 815s [p11_child[2279]] [do_card] (0x4000): common name: [softhsm2]. 815s [p11_child[2279]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2279]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 815s [p11_child[2279]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 815s [p11_child[2279]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2279]] [do_card] (0x4000): Login NOT required. 815s [p11_child[2279]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 815s [p11_child[2279]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 815s [p11_child[2279]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 815s [p11_child[2279]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x31e0c0ff;slot-manufacturer=SoftHSM%20project;slot-id=836813055;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bab0050bb1e0c0ff;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 815s [p11_child[2279]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 815s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-22852.output 815s + echo '-----BEGIN CERTIFICATE-----' 815s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-22852.output 815s + echo '-----END CERTIFICATE-----' 815s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-22852.pem 815s + local found_md5 expected_md5 815s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 815s Certificate: 815s Data: 815s Version: 3 (0x2) 815s Serial Number: 4 (0x4) 815s Signature Algorithm: sha256WithRSAEncryption 815s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 815s Validity 815s Not Before: Mar 20 18:34:39 2024 GMT 815s Not After : Mar 20 18:34:39 2025 GMT 815s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 815s Subject Public Key Info: 815s Public Key Algorithm: rsaEncryption 815s Public-Key: (1024 bit) 815s Modulus: 815s 00:be:b3:5a:37:d7:96:1b:56:0d:59:0f:44:5a:bb: 815s e1:92:17:7d:15:01:9f:03:db:ea:13:0e:f9:39:3b: 815s a3:a8:8b:d9:20:50:98:0a:09:f1:fc:85:86:be:8e: 815s be:cd:41:24:18:a8:34:6f:8b:55:f7:61:1e:49:63: 815s 72:92:3c:17:7f:3e:1b:9e:a3:7c:40:1d:78:96:a9: 815s 91:34:d5:aa:0b:f4:c1:f9:99:8e:b8:77:b8:10:9a: 815s b5:2a:42:d7:6f:85:61:1d:e1:e4:8e:d6:70:b3:b3: 815s c3:b3:c9:4b:bd:66:c0:94:92:5b:1d:a3:c8:59:dd: 815s 9f:f0:cc:1d:c4:91:e2:a7:1b 815s Exponent: 65537 (0x10001) 815s X509v3 extensions: 815s X509v3 Authority Key Identifier: 815s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 815s X509v3 Basic Constraints: 815s CA:FALSE 815s Netscape Cert Type: 815s SSL Client, S/MIME 815s Netscape Comment: 815s Test Organization Intermediate CA trusted Certificate 815s X509v3 Subject Key Identifier: 815s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 815s X509v3 Key Usage: critical 815s Digital Signature, Non Repudiation, Key Encipherment 815s X509v3 Extended Key Usage: 815s TLS Web Client Authentication, E-mail Protection 815s X509v3 Subject Alternative Name: 815s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 815s Signature Algorithm: sha256WithRSAEncryption 815s Signature Value: 815s 0d:f4:7f:ca:9e:ac:24:f4:3a:db:ba:9e:c7:78:6a:95:81:3e: 815s 9d:88:60:c8:78:87:40:c7:d7:28:83:de:34:83:a6:24:e5:01: 815s c5:e1:4b:b0:eb:2e:b1:78:c4:6e:8a:c7:19:d4:28:3b:9c:1f: 815s c9:49:a9:c0:8f:65:29:29:3e:80:6d:bc:ce:e0:37:cb:67:1d: 815s 60:12:62:82:ee:45:46:77:a3:da:3c:73:80:23:e0:a4:67:db: 815s 1e:f0:67:c1:7e:9f:19:c3:c3:80:97:de:05:a6:e2:31:dd:23: 815s 82:8d:c0:26:76:fa:43:46:96:28:00:00:66:83:b8:e5:d0:b5: 815s be:6d 815s + expected_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 815s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-22852.pem 815s + found_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 815s + '[' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B '!=' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B ']' 815s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-22852-auth.output 815s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-22852-auth.output .output 815s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-22852-auth.pem 815s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 815s + echo -n 053350 815s [p11_child[2287]] [main] (0x0400): p11_child started. 815s [p11_child[2287]] [main] (0x2000): Running in [auth] mode. 815s [p11_child[2287]] [main] (0x2000): Running with effective IDs: [0][0]. 815s [p11_child[2287]] [main] (0x2000): Running with real IDs [0][0]. 815s [p11_child[2287]] [do_card] (0x4000): Module List: 815s [p11_child[2287]] [do_card] (0x4000): common name: [softhsm2]. 815s [p11_child[2287]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2287]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 815s [p11_child[2287]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 815s [p11_child[2287]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 815s [p11_child[2287]] [do_card] (0x4000): Login required. 815s [p11_child[2287]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 815s [p11_child[2287]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 815s [p11_child[2287]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 815s [p11_child[2287]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x31e0c0ff;slot-manufacturer=SoftHSM%20project;slot-id=836813055;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bab0050bb1e0c0ff;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 815s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 815s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 816s [p11_child[2287]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 816s [p11_child[2287]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 816s [p11_child[2287]] [do_card] (0x4000): Certificate verified and validated. 816s [p11_child[2287]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 816s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-22852-auth.output 816s + echo '-----BEGIN CERTIFICATE-----' 816s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-22852-auth.output 816s + echo '-----END CERTIFICATE-----' 816s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-22852-auth.pem 816s Certificate: 816s Data: 816s Version: 3 (0x2) 816s Serial Number: 4 (0x4) 816s Signature Algorithm: sha256WithRSAEncryption 816s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 816s Validity 816s Not Before: Mar 20 18:34:39 2024 GMT 816s Not After : Mar 20 18:34:39 2025 GMT 816s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 816s Subject Public Key Info: 816s Public Key Algorithm: rsaEncryption 816s Public-Key: (1024 bit) 816s Modulus: 816s 00:be:b3:5a:37:d7:96:1b:56:0d:59:0f:44:5a:bb: 816s e1:92:17:7d:15:01:9f:03:db:ea:13:0e:f9:39:3b: 816s a3:a8:8b:d9:20:50:98:0a:09:f1:fc:85:86:be:8e: 816s be:cd:41:24:18:a8:34:6f:8b:55:f7:61:1e:49:63: 816s 72:92:3c:17:7f:3e:1b:9e:a3:7c:40:1d:78:96:a9: 816s 91:34:d5:aa:0b:f4:c1:f9:99:8e:b8:77:b8:10:9a: 816s b5:2a:42:d7:6f:85:61:1d:e1:e4:8e:d6:70:b3:b3: 816s c3:b3:c9:4b:bd:66:c0:94:92:5b:1d:a3:c8:59:dd: 816s 9f:f0:cc:1d:c4:91:e2:a7:1b 816s Exponent: 65537 (0x10001) 816s X509v3 extensions: 816s X509v3 Authority Key Identifier: 816s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 816s X509v3 Basic Constraints: 816s CA:FALSE 816s Netscape Cert Type: 816s SSL Client, S/MIME 816s Netscape Comment: 816s Test Organization Intermediate CA trusted Certificate 816s X509v3 Subject Key Identifier: 816s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 816s X509v3 Key Usage: critical 816s Digital Signature, Non Repudiation, Key Encipherment 816s X509v3 Extended Key Usage: 816s TLS Web Client Authentication, E-mail Protection 816s X509v3 Subject Alternative Name: 816s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 816s Signature Algorithm: sha256WithRSAEncryption 816s Signature Value: 816s 0d:f4:7f:ca:9e:ac:24:f4:3a:db:ba:9e:c7:78:6a:95:81:3e: 816s 9d:88:60:c8:78:87:40:c7:d7:28:83:de:34:83:a6:24:e5:01: 816s c5:e1:4b:b0:eb:2e:b1:78:c4:6e:8a:c7:19:d4:28:3b:9c:1f: 816s c9:49:a9:c0:8f:65:29:29:3e:80:6d:bc:ce:e0:37:cb:67:1d: 816s 60:12:62:82:ee:45:46:77:a3:da:3c:73:80:23:e0:a4:67:db: 816s 1e:f0:67:c1:7e:9f:19:c3:c3:80:97:de:05:a6:e2:31:dd:23: 816s 82:8d:c0:26:76:fa:43:46:96:28:00:00:66:83:b8:e5:d0:b5: 816s be:6d 816s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-22852-auth.pem 816s + found_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 816s + '[' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B '!=' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B ']' 816s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem partial_chain 816s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem partial_chain 816s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 816s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 816s + local verify_option=partial_chain 816s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 816s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 816s + local key_cn 816s + local key_name 816s + local tokens_dir 816s + local output_cert_file 816s + token_name= 816s ++ basename /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem .pem 816s + key_name=test-intermediate-CA-trusted-certificate-0001 816s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s ++ sed -n 's/ *commonName *= //p' 816s Test Organization Interme Token 816s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 816s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 816s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 816s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 816s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 816s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 816s + token_name='Test Organization Interme Token' 816s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 816s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 816s + echo 'Test Organization Interme Token' 816s + '[' -n partial_chain ']' 816s + local verify_arg=--verify=partial_chain 816s + local output_base_name=SSSD-child-8873 816s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-8873.output 816s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-8873.pem 816s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 816s [p11_child[2297]] [main] (0x0400): p11_child started. 816s [p11_child[2297]] [main] (0x2000): Running in [pre-auth] mode. 816s [p11_child[2297]] [main] (0x2000): Running with effective IDs: [0][0]. 816s [p11_child[2297]] [main] (0x2000): Running with real IDs [0][0]. 816s [p11_child[2297]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 816s [p11_child[2297]] [do_card] (0x4000): Module List: 816s [p11_child[2297]] [do_card] (0x4000): common name: [softhsm2]. 816s [p11_child[2297]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 816s [p11_child[2297]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 816s [p11_child[2297]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 816s [p11_child[2297]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 816s [p11_child[2297]] [do_card] (0x4000): Login NOT required. 816s [p11_child[2297]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 816s [p11_child[2297]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 816s [p11_child[2297]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 816s [p11_child[2297]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x31e0c0ff;slot-manufacturer=SoftHSM%20project;slot-id=836813055;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bab0050bb1e0c0ff;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 816s [p11_child[2297]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 816s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-8873.output 816s + echo '-----BEGIN CERTIFICATE-----' 816s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-8873.output 816s + echo '-----END CERTIFICATE-----' 816s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-8873.pem 816s Certificate: 816s Data: 816s Version: 3 (0x2) 816s Serial Number: 4 (0x4) 816s Signature Algorithm: sha256WithRSAEncryption 816s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 816s Validity 816s Not Before: Mar 20 18:34:39 2024 GMT 816s Not After : Mar 20 18:34:39 2025 GMT 816s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 816s Subject Public Key Info: 816s Public Key Algorithm: rsaEncryption 816s Public-Key: (1024 bit) 816s Modulus: 816s 00:be:b3:5a:37:d7:96:1b:56:0d:59:0f:44:5a:bb: 816s e1:92:17:7d:15:01:9f:03:db:ea:13:0e:f9:39:3b: 816s a3:a8:8b:d9:20:50:98:0a:09:f1:fc:85:86:be:8e: 816s be:cd:41:24:18:a8:34:6f:8b:55:f7:61:1e:49:63: 816s 72:92:3c:17:7f:3e:1b:9e:a3:7c:40:1d:78:96:a9: 816s 91:34:d5:aa:0b:f4:c1:f9:99:8e:b8:77:b8:10:9a: 816s b5:2a:42:d7:6f:85:61:1d:e1:e4:8e:d6:70:b3:b3: 816s c3:b3:c9:4b:bd:66:c0:94:92:5b:1d:a3:c8:59:dd: 816s 9f:f0:cc:1d:c4:91:e2:a7:1b 816s Exponent: 65537 (0x10001) 816s X509v3 extensions: 816s X509v3 Authority Key Identifier: 816s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 816s X509v3 Basic Constraints: 816s CA:FALSE 816s Netscape Cert Type: 816s SSL Client, S/MIME 816s Netscape Comment: 816s Test Organization Intermediate CA trusted Certificate 816s X509v3 Subject Key Identifier: 816s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 816s X509v3 Key Usage: critical 816s Digital Signature, Non Repudiation, Key Encipherment 816s X509v3 Extended Key Usage: 816s TLS Web Client Authentication, E-mail Protection 816s X509v3 Subject Alternative Name: 816s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 816s Signature Algorithm: sha256WithRSAEncryption 816s Signature Value: 816s 0d:f4:7f:ca:9e:ac:24:f4:3a:db:ba:9e:c7:78:6a:95:81:3e: 816s 9d:88:60:c8:78:87:40:c7:d7:28:83:de:34:83:a6:24:e5:01: 816s c5:e1:4b:b0:eb:2e:b1:78:c4:6e:8a:c7:19:d4:28:3b:9c:1f: 816s c9:49:a9:c0:8f:65:29:29:3e:80:6d:bc:ce:e0:37:cb:67:1d: 816s 60:12:62:82:ee:45:46:77:a3:da:3c:73:80:23:e0:a4:67:db: 816s 1e:f0:67:c1:7e:9f:19:c3:c3:80:97:de:05:a6:e2:31:dd:23: 816s 82:8d:c0:26:76:fa:43:46:96:28:00:00:66:83:b8:e5:d0:b5: 816s be:6d 816s + local found_md5 expected_md5 816s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s + expected_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 816s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-8873.pem 816s + found_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 816s + '[' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B '!=' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B ']' 816s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-8873-auth.output 816s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-8873-auth.output .output 816s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-8873-auth.pem 816s + echo -n 053350 816s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 816s [p11_child[2305]] [main] (0x0400): p11_child started. 816s [p11_child[2305]] [main] (0x2000): Running in [auth] mode. 816s [p11_child[2305]] [main] (0x2000): Running with effective IDs: [0][0]. 816s [p11_child[2305]] [main] (0x2000): Running with real IDs [0][0]. 816s [p11_child[2305]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 816s [p11_child[2305]] [do_card] (0x4000): Module List: 816s [p11_child[2305]] [do_card] (0x4000): common name: [softhsm2]. 816s [p11_child[2305]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 816s [p11_child[2305]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 816s [p11_child[2305]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 816s [p11_child[2305]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 816s [p11_child[2305]] [do_card] (0x4000): Login required. 816s [p11_child[2305]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 816s [p11_child[2305]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 816s [p11_child[2305]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 816s [p11_child[2305]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x31e0c0ff;slot-manufacturer=SoftHSM%20project;slot-id=836813055;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bab0050bb1e0c0ff;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 816s [p11_child[2305]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 816s [p11_child[2305]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 816s [p11_child[2305]] [do_card] (0x4000): Certificate verified and validated. 816s [p11_child[2305]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 816s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-8873-auth.output 816s + echo '-----BEGIN CERTIFICATE-----' 816s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-8873-auth.output 816s + echo '-----END CERTIFICATE-----' 816s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-8873-auth.pem 816s Certificate: 816s Data: 816s Version: 3 (0x2) 816s Serial Number: 4 (0x4) 816s Signature Algorithm: sha256WithRSAEncryption 816s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 816s Validity 816s Not Before: Mar 20 18:34:39 2024 GMT 816s Not After : Mar 20 18:34:39 2025 GMT 816s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 816s Subject Public Key Info: 816s Public Key Algorithm: rsaEncryption 816s Public-Key: (1024 bit) 816s Modulus: 816s 00:be:b3:5a:37:d7:96:1b:56:0d:59:0f:44:5a:bb: 816s e1:92:17:7d:15:01:9f:03:db:ea:13:0e:f9:39:3b: 816s a3:a8:8b:d9:20:50:98:0a:09:f1:fc:85:86:be:8e: 816s be:cd:41:24:18:a8:34:6f:8b:55:f7:61:1e:49:63: 816s 72:92:3c:17:7f:3e:1b:9e:a3:7c:40:1d:78:96:a9: 816s 91:34:d5:aa:0b:f4:c1:f9:99:8e:b8:77:b8:10:9a: 816s b5:2a:42:d7:6f:85:61:1d:e1:e4:8e:d6:70:b3:b3: 816s c3:b3:c9:4b:bd:66:c0:94:92:5b:1d:a3:c8:59:dd: 816s 9f:f0:cc:1d:c4:91:e2:a7:1b 816s Exponent: 65537 (0x10001) 816s X509v3 extensions: 816s X509v3 Authority Key Identifier: 816s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 816s X509v3 Basic Constraints: 816s CA:FALSE 816s Netscape Cert Type: 816s SSL Client, S/MIME 816s Netscape Comment: 816s Test Organization Intermediate CA trusted Certificate 816s X509v3 Subject Key Identifier: 816s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 816s X509v3 Key Usage: critical 816s Digital Signature, Non Repudiation, Key Encipherment 816s X509v3 Extended Key Usage: 816s TLS Web Client Authentication, E-mail Protection 816s X509v3 Subject Alternative Name: 816s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 816s Signature Algorithm: sha256WithRSAEncryption 816s Signature Value: 816s 0d:f4:7f:ca:9e:ac:24:f4:3a:db:ba:9e:c7:78:6a:95:81:3e: 816s 9d:88:60:c8:78:87:40:c7:d7:28:83:de:34:83:a6:24:e5:01: 816s c5:e1:4b:b0:eb:2e:b1:78:c4:6e:8a:c7:19:d4:28:3b:9c:1f: 816s c9:49:a9:c0:8f:65:29:29:3e:80:6d:bc:ce:e0:37:cb:67:1d: 816s 60:12:62:82:ee:45:46:77:a3:da:3c:73:80:23:e0:a4:67:db: 816s 1e:f0:67:c1:7e:9f:19:c3:c3:80:97:de:05:a6:e2:31:dd:23: 816s 82:8d:c0:26:76:fa:43:46:96:28:00:00:66:83:b8:e5:d0:b5: 816s be:6d 816s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-8873-auth.pem 816s + found_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 816s + '[' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B '!=' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B ']' 816s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 816s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 816s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 816s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 816s + local verify_option= 816s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 816s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 816s + local key_cn 816s + local key_name 816s + local tokens_dir 816s + local output_cert_file 816s + token_name= 816s ++ basename /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem .pem 816s + key_name=test-intermediate-CA-trusted-certificate-0001 816s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s ++ sed -n 's/ *commonName *= //p' 816s Test Organization Interme Token 816s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 816s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 816s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 816s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 816s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 816s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 816s + token_name='Test Organization Interme Token' 816s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 816s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 816s + echo 'Test Organization Interme Token' 816s + '[' -n '' ']' 816s + local output_base_name=SSSD-child-20309 816s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-20309.output 816s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-20309.pem 816s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 816s [p11_child[2315]] [main] (0x0400): p11_child started. 816s [p11_child[2315]] [main] (0x2000): Running in [pre-auth] mode. 816s [p11_child[2315]] [main] (0x2000): Running with effective IDs: [0][0]. 816s [p11_child[2315]] [main] (0x2000): Running with real IDs [0][0]. 816s [p11_child[2315]] [do_card] (0x4000): Module List: 816s [p11_child[2315]] [do_card] (0x4000): common name: [softhsm2]. 816s [p11_child[2315]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 816s [p11_child[2315]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 816s [p11_child[2315]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 816s [p11_child[2315]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 816s [p11_child[2315]] [do_card] (0x4000): Login NOT required. 816s [p11_child[2315]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 816s [p11_child[2315]] [do_verification] (0x0040): X509_verify_cert failed [0]. 816s [p11_child[2315]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 816s [p11_child[2315]] [read_certs] (0x0040): Certificate [Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] not valid, skipping. 816s [p11_child[2315]] [do_card] (0x4000): No certificate found. 816s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-20309.output 816s + return 2 816s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem partial_chain 816s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem partial_chain 816s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 816s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 816s + local verify_option=partial_chain 816s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-4094 816s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-4094 816s + local key_cn 816s + local key_name 816s + local tokens_dir 816s + local output_cert_file 816s + token_name= 816s ++ basename /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem .pem 816s + key_name=test-intermediate-CA-trusted-certificate-0001 816s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s ++ sed -n 's/ *commonName *= //p' 816s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 816s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 816s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 816s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 816s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 816s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 816s + token_name='Test Organization Interme Token' 816s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 816s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-intermediate-CA-trusted-certificate-0001 ']' 816s + echo 'Test Organization Interme Token' 816s Test Organization Interme Token 816s + '[' -n partial_chain ']' 816s + local verify_arg=--verify=partial_chain 816s + local output_base_name=SSSD-child-17790 816s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-17790.output 816s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-17790.pem 816s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem 816s [p11_child[2322]] [main] (0x0400): p11_child started. 816s [p11_child[2322]] [main] (0x2000): Running in [pre-auth] mode. 816s [p11_child[2322]] [main] (0x2000): Running with effective IDs: [0][0]. 816s [p11_child[2322]] [main] (0x2000): Running with real IDs [0][0]. 816s [p11_child[2322]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 816s [p11_child[2322]] [do_card] (0x4000): Module List: 816s [p11_child[2322]] [do_card] (0x4000): common name: [softhsm2]. 816s [p11_child[2322]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 816s [p11_child[2322]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 816s [p11_child[2322]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 816s [p11_child[2322]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 816s [p11_child[2322]] [do_card] (0x4000): Login NOT required. 816s [p11_child[2322]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 816s [p11_child[2322]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 816s [p11_child[2322]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Interme Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 816s [p11_child[2322]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x31e0c0ff;slot-manufacturer=SoftHSM%20project;slot-id=836813055;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bab0050bb1e0c0ff;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 816s [p11_child[2322]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 816s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-17790.output 816s + echo '-----BEGIN CERTIFICATE-----' 816s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-17790.output 816s + echo '-----END CERTIFICATE-----' 816s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-17790.pem 816s Certificate: 816s Data: 816s Version: 3 (0x2) 816s Serial Number: 4 (0x4) 816s Signature Algorithm: sha256WithRSAEncryption 816s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 816s Validity 816s Not Before: Mar 20 18:34:39 2024 GMT 816s Not After : Mar 20 18:34:39 2025 GMT 816s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 816s Subject Public Key Info: 816s Public Key Algorithm: rsaEncryption 816s Public-Key: (1024 bit) 816s Modulus: 816s 00:be:b3:5a:37:d7:96:1b:56:0d:59:0f:44:5a:bb: 816s e1:92:17:7d:15:01:9f:03:db:ea:13:0e:f9:39:3b: 816s a3:a8:8b:d9:20:50:98:0a:09:f1:fc:85:86:be:8e: 816s be:cd:41:24:18:a8:34:6f:8b:55:f7:61:1e:49:63: 816s 72:92:3c:17:7f:3e:1b:9e:a3:7c:40:1d:78:96:a9: 816s 91:34:d5:aa:0b:f4:c1:f9:99:8e:b8:77:b8:10:9a: 816s b5:2a:42:d7:6f:85:61:1d:e1:e4:8e:d6:70:b3:b3: 816s c3:b3:c9:4b:bd:66:c0:94:92:5b:1d:a3:c8:59:dd: 816s 9f:f0:cc:1d:c4:91:e2:a7:1b 816s Exponent: 65537 (0x10001) 816s X509v3 extensions: 816s X509v3 Authority Key Identifier: 816s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 816s X509v3 Basic Constraints: 816s CA:FALSE 816s Netscape Cert Type: 816s SSL Client, S/MIME 816s Netscape Comment: 816s Test Organization Intermediate CA trusted Certificate 816s X509v3 Subject Key Identifier: 816s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 816s X509v3 Key Usage: critical 816s Digital Signature, Non Repudiation, Key Encipherment 816s X509v3 Extended Key Usage: 816s TLS Web Client Authentication, E-mail Protection 816s X509v3 Subject Alternative Name: 816s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 816s Signature Algorithm: sha256WithRSAEncryption 816s Signature Value: 816s 0d:f4:7f:ca:9e:ac:24:f4:3a:db:ba:9e:c7:78:6a:95:81:3e: 816s 9d:88:60:c8:78:87:40:c7:d7:28:83:de:34:83:a6:24:e5:01: 816s c5:e1:4b:b0:eb:2e:b1:78:c4:6e:8a:c7:19:d4:28:3b:9c:1f: 816s c9:49:a9:c0:8f:65:29:29:3e:80:6d:bc:ce:e0:37:cb:67:1d: 816s 60:12:62:82:ee:45:46:77:a3:da:3c:73:80:23:e0:a4:67:db: 816s 1e:f0:67:c1:7e:9f:19:c3:c3:80:97:de:05:a6:e2:31:dd:23: 816s 82:8d:c0:26:76:fa:43:46:96:28:00:00:66:83:b8:e5:d0:b5: 816s be:6d 816s + local found_md5 expected_md5 816s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-intermediate-CA-trusted-certificate-0001.pem 816s + expected_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 816s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-17790.pem 817s + found_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 817s + '[' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B '!=' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B ']' 817s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-17790-auth.output 817s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-17790-auth.output .output 817s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-17790-auth.pem 817s + echo -n 053350 817s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Interme Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 817s [p11_child[2330]] [main] (0x0400): p11_child started. 817s [p11_child[2330]] [main] (0x2000): Running in [auth] mode. 817s [p11_child[2330]] [main] (0x2000): Running with effective IDs: [0][0]. 817s [p11_child[2330]] [main] (0x2000): Running with real IDs [0][0]. 817s [p11_child[2330]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 817s [p11_child[2330]] [do_card] (0x4000): Module List: 817s [p11_child[2330]] [do_card] (0x4000): common name: [softhsm2]. 817s [p11_child[2330]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2330]] [do_card] (0x4000): Description [SoftHSM slot ID 0x31e0c0ff] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 817s [p11_child[2330]] [do_card] (0x4000): Token label [Test Organization Interme Token]. 817s [p11_child[2330]] [do_card] (0x4000): Found [Test Organization Interme Token] in slot [SoftHSM slot ID 0x31e0c0ff][836813055] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2330]] [do_card] (0x4000): Login required. 817s [p11_child[2330]] [read_certs] (0x4000): found cert[Test Organization Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Intermediate Trusted Certificate 0001] 817s [p11_child[2330]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 817s [p11_child[2330]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Interme Token Test Organization Interme Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 817s [p11_child[2330]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x31e0c0ff;slot-manufacturer=SoftHSM%20project;slot-id=836813055;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=bab0050bb1e0c0ff;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 817s [p11_child[2330]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 817s [p11_child[2330]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 817s [p11_child[2330]] [do_card] (0x4000): Certificate verified and validated. 817s [p11_child[2330]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 817s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-17790-auth.output 817s + echo '-----BEGIN CERTIFICATE-----' 817s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-17790-auth.output 817s + echo '-----END CERTIFICATE-----' 817s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-17790-auth.pem 817s Certificate: 817s Data: 817s Version: 3 (0x2) 817s Serial Number: 4 (0x4) 817s Signature Algorithm: sha256WithRSAEncryption 817s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 817s Validity 817s Not Before: Mar 20 18:34:39 2024 GMT 817s Not After : Mar 20 18:34:39 2025 GMT 817s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 817s Subject Public Key Info: 817s Public Key Algorithm: rsaEncryption 817s Public-Key: (1024 bit) 817s Modulus: 817s 00:be:b3:5a:37:d7:96:1b:56:0d:59:0f:44:5a:bb: 817s e1:92:17:7d:15:01:9f:03:db:ea:13:0e:f9:39:3b: 817s a3:a8:8b:d9:20:50:98:0a:09:f1:fc:85:86:be:8e: 817s be:cd:41:24:18:a8:34:6f:8b:55:f7:61:1e:49:63: 817s 72:92:3c:17:7f:3e:1b:9e:a3:7c:40:1d:78:96:a9: 817s 91:34:d5:aa:0b:f4:c1:f9:99:8e:b8:77:b8:10:9a: 817s b5:2a:42:d7:6f:85:61:1d:e1:e4:8e:d6:70:b3:b3: 817s c3:b3:c9:4b:bd:66:c0:94:92:5b:1d:a3:c8:59:dd: 817s 9f:f0:cc:1d:c4:91:e2:a7:1b 817s Exponent: 65537 (0x10001) 817s X509v3 extensions: 817s X509v3 Authority Key Identifier: 817s CE:51:CA:54:B1:06:48:27:14:9C:68:3C:FE:0B:61:01:3E:E3:34:A6 817s X509v3 Basic Constraints: 817s CA:FALSE 817s Netscape Cert Type: 817s SSL Client, S/MIME 817s Netscape Comment: 817s Test Organization Intermediate CA trusted Certificate 817s X509v3 Subject Key Identifier: 817s 3F:86:F4:D5:F0:E1:1D:D8:97:92:8E:B2:CC:FB:51:F3:56:58:D0:E7 817s X509v3 Key Usage: critical 817s Digital Signature, Non Repudiation, Key Encipherment 817s X509v3 Extended Key Usage: 817s TLS Web Client Authentication, E-mail Protection 817s X509v3 Subject Alternative Name: 817s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 817s Signature Algorithm: sha256WithRSAEncryption 817s Signature Value: 817s 0d:f4:7f:ca:9e:ac:24:f4:3a:db:ba:9e:c7:78:6a:95:81:3e: 817s 9d:88:60:c8:78:87:40:c7:d7:28:83:de:34:83:a6:24:e5:01: 817s c5:e1:4b:b0:eb:2e:b1:78:c4:6e:8a:c7:19:d4:28:3b:9c:1f: 817s c9:49:a9:c0:8f:65:29:29:3e:80:6d:bc:ce:e0:37:cb:67:1d: 817s 60:12:62:82:ee:45:46:77:a3:da:3c:73:80:23:e0:a4:67:db: 817s 1e:f0:67:c1:7e:9f:19:c3:c3:80:97:de:05:a6:e2:31:dd:23: 817s 82:8d:c0:26:76:fa:43:46:96:28:00:00:66:83:b8:e5:d0:b5: 817s be:6d 817s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-17790-auth.pem 817s + found_md5=Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B 817s + '[' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B '!=' Modulus=BEB35A37D7961B560D590F445ABBE192177D15019F03DBEA130EF9393BA3A88BD92050980A09F1FC8586BE8EBECD412418A8346F8B55F7611E496372923C177F3E1B9EA37C401D7896A99134D5AA0BF4C1F9998EB877B8109AB52A42D76F85611DE1E48ED670B3B3C3B3C94BBD66C094925B1DA3C859DD9FF0CC1DC491E2A71B ']' 817s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 817s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 817s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 817s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 817s + local verify_option= 817s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 817s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 817s + local key_cn 817s + local key_name 817s + local tokens_dir 817s + local output_cert_file 817s + token_name= 817s ++ basename /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 817s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 817s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s ++ sed -n 's/ *commonName *= //p' 817s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 817s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 817s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 817s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 817s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 817s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 817s + token_name='Test Organization Sub Int Token' 817s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 817s + local key_file 817s + local decrypted_key 817s + mkdir -p /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 817s + key_file=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 817s + decrypted_key=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 817s + cat 817s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 053350 --so-pin 053350 --free 817s Slot 0 has a free/uninitialized token. 817s The token has been initialized and is reassigned to slot 996084748 817s + softhsm2-util --show-slots 817s Available slots: 817s Slot 996084748 817s Slot info: 817s Description: SoftHSM slot ID 0x3b5f0c0c 817s Manufacturer ID: SoftHSM project 817s Hardware version: 2.6 817s Firmware version: 2.6 817s Token present: yes 817s Token info: 817s Manufacturer ID: SoftHSM project 817s Model: SoftHSM v2 817s Hardware version: 2.6 817s Firmware version: 2.6 817s Serial number: 07fd89f4bb5f0c0c 817s Initialized: yes 817s User PIN init.: yes 817s Label: Test Organization Sub Int Token 817s Slot 1 817s Slot info: 817s Description: SoftHSM slot ID 0x1 817s Manufacturer ID: SoftHSM project 817s Hardware version: 2.6 817s Firmware version: 2.6 817s Token present: yes 817s Token info: 817s Manufacturer ID: SoftHSM project 817s Model: SoftHSM v2 817s Hardware version: 2.6 817s Firmware version: 2.6 817s Serial number: 817s Initialized: no 817s User PIN init.: no 817s Label: 817s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 817s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-29827 -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 817s writing RSA key 817s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=053350 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 817s + rm /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 817s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 817s Object 0: 817s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=07fd89f4bb5f0c0c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 817s Type: X.509 Certificate (RSA-1024) 817s Expires: Thu Mar 20 18:34:39 2025 817s Label: Test Organization Sub Intermediate Trusted Certificate 0001 817s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 817s 817s Test Organization Sub Int Token 817s + echo 'Test Organization Sub Int Token' 817s + '[' -n '' ']' 817s + local output_base_name=SSSD-child-31886 817s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-31886.output 817s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-31886.pem 817s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 817s [p11_child[2349]] [main] (0x0400): p11_child started. 817s [p11_child[2349]] [main] (0x2000): Running in [pre-auth] mode. 817s [p11_child[2349]] [main] (0x2000): Running with effective IDs: [0][0]. 817s [p11_child[2349]] [main] (0x2000): Running with real IDs [0][0]. 817s [p11_child[2349]] [do_card] (0x4000): Module List: 817s [p11_child[2349]] [do_card] (0x4000): common name: [softhsm2]. 817s [p11_child[2349]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2349]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 817s [p11_child[2349]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 817s [p11_child[2349]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2349]] [do_card] (0x4000): Login NOT required. 817s [p11_child[2349]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 817s [p11_child[2349]] [do_verification] (0x0040): X509_verify_cert failed [0]. 817s [p11_child[2349]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 817s [p11_child[2349]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 817s [p11_child[2349]] [do_card] (0x4000): No certificate found. 817s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-31886.output 817s + return 2 817s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem partial_chain 817s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-root-CA.pem partial_chain 817s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 817s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 817s + local verify_option=partial_chain 817s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 817s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 817s + local key_cn 817s + local key_name 817s + local tokens_dir 817s + local output_cert_file 817s + token_name= 817s ++ basename /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 817s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 817s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s ++ sed -n 's/ *commonName *= //p' 817s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 817s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 817s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 817s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 817s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 817s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 817s + token_name='Test Organization Sub Int Token' 817s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 817s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 817s Test Organization Sub Int Token 817s + echo 'Test Organization Sub Int Token' 817s + '[' -n partial_chain ']' 817s + local verify_arg=--verify=partial_chain 817s + local output_base_name=SSSD-child-4953 817s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-4953.output 817s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-4953.pem 817s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-root-CA.pem 817s [p11_child[2356]] [main] (0x0400): p11_child started. 817s [p11_child[2356]] [main] (0x2000): Running in [pre-auth] mode. 817s [p11_child[2356]] [main] (0x2000): Running with effective IDs: [0][0]. 817s [p11_child[2356]] [main] (0x2000): Running with real IDs [0][0]. 817s [p11_child[2356]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 817s [p11_child[2356]] [do_card] (0x4000): Module List: 817s [p11_child[2356]] [do_card] (0x4000): common name: [softhsm2]. 817s [p11_child[2356]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2356]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 817s [p11_child[2356]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 817s [p11_child[2356]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2356]] [do_card] (0x4000): Login NOT required. 817s [p11_child[2356]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 817s [p11_child[2356]] [do_verification] (0x0040): X509_verify_cert failed [0]. 817s [p11_child[2356]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 817s [p11_child[2356]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 817s [p11_child[2356]] [do_card] (0x4000): No certificate found. 817s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-4953.output 817s + return 2 817s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 817s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 817s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 817s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 817s + local verify_option= 817s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 817s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 817s + local key_cn 817s + local key_name 817s + local tokens_dir 817s + local output_cert_file 817s + token_name= 817s ++ basename /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 817s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 817s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s ++ sed -n 's/ *commonName *= //p' 817s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 817s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 817s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 817s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 817s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 817s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 817s Test Organization Sub Int Token 817s + token_name='Test Organization Sub Int Token' 817s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 817s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 817s + echo 'Test Organization Sub Int Token' 817s + '[' -n '' ']' 817s + local output_base_name=SSSD-child-15290 817s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-15290.output 817s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-15290.pem 817s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 817s [p11_child[2363]] [main] (0x0400): p11_child started. 817s [p11_child[2363]] [main] (0x2000): Running in [pre-auth] mode. 817s [p11_child[2363]] [main] (0x2000): Running with effective IDs: [0][0]. 817s [p11_child[2363]] [main] (0x2000): Running with real IDs [0][0]. 817s [p11_child[2363]] [do_card] (0x4000): Module List: 817s [p11_child[2363]] [do_card] (0x4000): common name: [softhsm2]. 817s [p11_child[2363]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2363]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 817s [p11_child[2363]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 817s [p11_child[2363]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2363]] [do_card] (0x4000): Login NOT required. 817s [p11_child[2363]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 817s [p11_child[2363]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 817s [p11_child[2363]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 817s [p11_child[2363]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3b5f0c0c;slot-manufacturer=SoftHSM%20project;slot-id=996084748;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=07fd89f4bb5f0c0c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 817s [p11_child[2363]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 817s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-15290.output 817s + echo '-----BEGIN CERTIFICATE-----' 817s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-15290.output 817s + echo '-----END CERTIFICATE-----' 817s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-15290.pem 817s Certificate: 817s Data: 817s Version: 3 (0x2) 817s Serial Number: 5 (0x5) 817s Signature Algorithm: sha256WithRSAEncryption 817s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 817s Validity 817s Not Before: Mar 20 18:34:39 2024 GMT 817s Not After : Mar 20 18:34:39 2025 GMT 817s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 817s Subject Public Key Info: 817s Public Key Algorithm: rsaEncryption 817s Public-Key: (1024 bit) 817s Modulus: 817s 00:dd:a6:06:b1:32:3b:90:f5:76:21:31:f2:66:57: 817s ae:28:b8:c2:e9:9f:54:82:49:62:58:e4:7b:e0:4f: 817s 94:0b:d8:2f:a4:ae:f0:78:27:02:09:5a:c3:68:ea: 817s 49:ee:6e:2d:3c:a3:5a:4a:99:6f:19:0f:ce:1f:20: 817s 75:34:c9:1b:08:32:83:42:f9:24:41:95:88:23:39: 817s 31:18:58:48:a7:eb:67:78:ea:d2:7e:13:c2:a7:6b: 817s c8:48:04:54:f9:a0:6c:86:28:39:6a:57:f5:c1:7f: 817s 46:5d:19:da:f6:9e:4c:c9:41:27:2d:2f:b8:45:41: 817s 9b:4c:19:29:1a:dc:c4:19:37 817s Exponent: 65537 (0x10001) 817s X509v3 extensions: 817s X509v3 Authority Key Identifier: 817s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 817s X509v3 Basic Constraints: 817s CA:FALSE 817s Netscape Cert Type: 817s SSL Client, S/MIME 817s Netscape Comment: 817s Test Organization Sub Intermediate CA trusted Certificate 817s X509v3 Subject Key Identifier: 817s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 817s X509v3 Key Usage: critical 817s Digital Signature, Non Repudiation, Key Encipherment 817s X509v3 Extended Key Usage: 817s TLS Web Client Authentication, E-mail Protection 817s X509v3 Subject Alternative Name: 817s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 817s Signature Algorithm: sha256WithRSAEncryption 817s Signature Value: 817s 09:30:ae:37:02:22:ae:28:4c:76:52:65:1a:f6:91:5e:1e:9c: 817s e0:7d:8f:58:b7:2a:67:58:a6:15:8f:ea:31:81:f2:5b:1d:74: 817s 06:a5:8f:d5:9b:12:9e:0b:76:00:ef:b6:cb:83:cc:66:3b:b7: 817s ac:d1:1e:0a:a3:8a:35:27:1b:98:20:89:7b:81:7f:a1:37:4f: 817s 61:91:db:d2:3f:92:d3:c1:f1:f8:a4:3c:40:e7:9e:fd:91:18: 817s f1:23:3f:8b:7e:a8:31:94:e7:d3:0a:02:59:81:03:e9:0c:3a: 817s 6f:63:f0:c4:bc:84:9f:84:fc:83:af:36:3a:9b:61:f6:af:7a: 817s f3:fc 817s + local found_md5 expected_md5 817s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 817s + expected_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 817s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-15290.pem 817s + found_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 817s + '[' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 '!=' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 ']' 817s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-15290-auth.output 817s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-15290-auth.output .output 817s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-15290-auth.pem 817s + echo -n 053350 817s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 '' --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 817s [p11_child[2371]] [main] (0x0400): p11_child started. 817s [p11_child[2371]] [main] (0x2000): Running in [auth] mode. 817s [p11_child[2371]] [main] (0x2000): Running with effective IDs: [0][0]. 817s [p11_child[2371]] [main] (0x2000): Running with real IDs [0][0]. 817s [p11_child[2371]] [do_card] (0x4000): Module List: 817s [p11_child[2371]] [do_card] (0x4000): common name: [softhsm2]. 817s [p11_child[2371]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2371]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 817s [p11_child[2371]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 817s [p11_child[2371]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 817s [p11_child[2371]] [do_card] (0x4000): Login required. 817s [p11_child[2371]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 817s [p11_child[2371]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 817s [p11_child[2371]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 817s [p11_child[2371]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3b5f0c0c;slot-manufacturer=SoftHSM%20project;slot-id=996084748;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=07fd89f4bb5f0c0c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 817s [p11_child[2371]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 817s [p11_child[2371]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 817s [p11_child[2371]] [do_card] (0x4000): Certificate verified and validated. 817s [p11_child[2371]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 817s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-15290-auth.output 817s + echo '-----BEGIN CERTIFICATE-----' 817s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-15290-auth.output 817s + echo '-----END CERTIFICATE-----' 817s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-15290-auth.pem 818s Certificate: 818s Data: 818s Version: 3 (0x2) 818s Serial Number: 5 (0x5) 818s Signature Algorithm: sha256WithRSAEncryption 818s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 818s Validity 818s Not Before: Mar 20 18:34:39 2024 GMT 818s Not After : Mar 20 18:34:39 2025 GMT 818s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 818s Subject Public Key Info: 818s Public Key Algorithm: rsaEncryption 818s Public-Key: (1024 bit) 818s Modulus: 818s 00:dd:a6:06:b1:32:3b:90:f5:76:21:31:f2:66:57: 818s ae:28:b8:c2:e9:9f:54:82:49:62:58:e4:7b:e0:4f: 818s 94:0b:d8:2f:a4:ae:f0:78:27:02:09:5a:c3:68:ea: 818s 49:ee:6e:2d:3c:a3:5a:4a:99:6f:19:0f:ce:1f:20: 818s 75:34:c9:1b:08:32:83:42:f9:24:41:95:88:23:39: 818s 31:18:58:48:a7:eb:67:78:ea:d2:7e:13:c2:a7:6b: 818s c8:48:04:54:f9:a0:6c:86:28:39:6a:57:f5:c1:7f: 818s 46:5d:19:da:f6:9e:4c:c9:41:27:2d:2f:b8:45:41: 818s 9b:4c:19:29:1a:dc:c4:19:37 818s Exponent: 65537 (0x10001) 818s X509v3 extensions: 818s X509v3 Authority Key Identifier: 818s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 818s X509v3 Basic Constraints: 818s CA:FALSE 818s Netscape Cert Type: 818s SSL Client, S/MIME 818s Netscape Comment: 818s Test Organization Sub Intermediate CA trusted Certificate 818s X509v3 Subject Key Identifier: 818s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 818s X509v3 Key Usage: critical 818s Digital Signature, Non Repudiation, Key Encipherment 818s X509v3 Extended Key Usage: 818s TLS Web Client Authentication, E-mail Protection 818s X509v3 Subject Alternative Name: 818s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 818s Signature Algorithm: sha256WithRSAEncryption 818s Signature Value: 818s 09:30:ae:37:02:22:ae:28:4c:76:52:65:1a:f6:91:5e:1e:9c: 818s e0:7d:8f:58:b7:2a:67:58:a6:15:8f:ea:31:81:f2:5b:1d:74: 818s 06:a5:8f:d5:9b:12:9e:0b:76:00:ef:b6:cb:83:cc:66:3b:b7: 818s ac:d1:1e:0a:a3:8a:35:27:1b:98:20:89:7b:81:7f:a1:37:4f: 818s 61:91:db:d2:3f:92:d3:c1:f1:f8:a4:3c:40:e7:9e:fd:91:18: 818s f1:23:3f:8b:7e:a8:31:94:e7:d3:0a:02:59:81:03:e9:0c:3a: 818s 6f:63:f0:c4:bc:84:9f:84:fc:83:af:36:3a:9b:61:f6:af:7a: 818s f3:fc 818s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-15290-auth.pem 818s + found_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 818s + '[' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 '!=' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 ']' 818s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem partial_chain 818s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem partial_chain 818s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 818s + local verify_option=partial_chain 818s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local key_cn 818s + local key_name 818s + local tokens_dir 818s + local output_cert_file 818s + token_name= 818s ++ basename /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 818s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 818s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s ++ sed -n 's/ *commonName *= //p' 818s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 818s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 818s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 818s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 818s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 818s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 818s + token_name='Test Organization Sub Int Token' 818s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 818s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 818s + echo 'Test Organization Sub Int Token' 818s Test Organization Sub Int Token 818s + '[' -n partial_chain ']' 818s + local verify_arg=--verify=partial_chain 818s + local output_base_name=SSSD-child-7784 818s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-7784.output 818s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-7784.pem 818s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem 818s [p11_child[2381]] [main] (0x0400): p11_child started. 818s [p11_child[2381]] [main] (0x2000): Running in [pre-auth] mode. 818s [p11_child[2381]] [main] (0x2000): Running with effective IDs: [0][0]. 818s [p11_child[2381]] [main] (0x2000): Running with real IDs [0][0]. 818s [p11_child[2381]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 818s [p11_child[2381]] [do_card] (0x4000): Module List: 818s [p11_child[2381]] [do_card] (0x4000): common name: [softhsm2]. 818s [p11_child[2381]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2381]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 818s [p11_child[2381]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 818s [p11_child[2381]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2381]] [do_card] (0x4000): Login NOT required. 818s [p11_child[2381]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 818s [p11_child[2381]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 818s [p11_child[2381]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 818s [p11_child[2381]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3b5f0c0c;slot-manufacturer=SoftHSM%20project;slot-id=996084748;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=07fd89f4bb5f0c0c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 818s [p11_child[2381]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 818s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-7784.output 818s + echo '-----BEGIN CERTIFICATE-----' 818s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-7784.output 818s + echo '-----END CERTIFICATE-----' 818s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-7784.pem 818s Certificate: 818s Data: 818s Version: 3 (0x2) 818s Serial Number: 5 (0x5) 818s Signature Algorithm: sha256WithRSAEncryption 818s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 818s Validity 818s Not Before: Mar 20 18:34:39 2024 GMT 818s Not After : Mar 20 18:34:39 2025 GMT 818s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 818s Subject Public Key Info: 818s Public Key Algorithm: rsaEncryption 818s Public-Key: (1024 bit) 818s Modulus: 818s 00:dd:a6:06:b1:32:3b:90:f5:76:21:31:f2:66:57: 818s ae:28:b8:c2:e9:9f:54:82:49:62:58:e4:7b:e0:4f: 818s 94:0b:d8:2f:a4:ae:f0:78:27:02:09:5a:c3:68:ea: 818s 49:ee:6e:2d:3c:a3:5a:4a:99:6f:19:0f:ce:1f:20: 818s 75:34:c9:1b:08:32:83:42:f9:24:41:95:88:23:39: 818s 31:18:58:48:a7:eb:67:78:ea:d2:7e:13:c2:a7:6b: 818s c8:48:04:54:f9:a0:6c:86:28:39:6a:57:f5:c1:7f: 818s 46:5d:19:da:f6:9e:4c:c9:41:27:2d:2f:b8:45:41: 818s 9b:4c:19:29:1a:dc:c4:19:37 818s Exponent: 65537 (0x10001) 818s X509v3 extensions: 818s X509v3 Authority Key Identifier: 818s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 818s X509v3 Basic Constraints: 818s CA:FALSE 818s Netscape Cert Type: 818s SSL Client, S/MIME 818s Netscape Comment: 818s Test Organization Sub Intermediate CA trusted Certificate 818s X509v3 Subject Key Identifier: 818s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 818s X509v3 Key Usage: critical 818s Digital Signature, Non Repudiation, Key Encipherment 818s X509v3 Extended Key Usage: 818s TLS Web Client Authentication, E-mail Protection 818s X509v3 Subject Alternative Name: 818s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 818s Signature Algorithm: sha256WithRSAEncryption 818s Signature Value: 818s 09:30:ae:37:02:22:ae:28:4c:76:52:65:1a:f6:91:5e:1e:9c: 818s e0:7d:8f:58:b7:2a:67:58:a6:15:8f:ea:31:81:f2:5b:1d:74: 818s 06:a5:8f:d5:9b:12:9e:0b:76:00:ef:b6:cb:83:cc:66:3b:b7: 818s ac:d1:1e:0a:a3:8a:35:27:1b:98:20:89:7b:81:7f:a1:37:4f: 818s 61:91:db:d2:3f:92:d3:c1:f1:f8:a4:3c:40:e7:9e:fd:91:18: 818s f1:23:3f:8b:7e:a8:31:94:e7:d3:0a:02:59:81:03:e9:0c:3a: 818s 6f:63:f0:c4:bc:84:9f:84:fc:83:af:36:3a:9b:61:f6:af:7a: 818s f3:fc 818s + local found_md5 expected_md5 818s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s + expected_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 818s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-7784.pem 818s + found_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 818s + '[' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 '!=' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 ']' 818s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-7784-auth.output 818s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-7784-auth.output .output 818s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-7784-auth.pem 818s + echo -n 053350 818s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-full-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 818s [p11_child[2389]] [main] (0x0400): p11_child started. 818s [p11_child[2389]] [main] (0x2000): Running in [auth] mode. 818s [p11_child[2389]] [main] (0x2000): Running with effective IDs: [0][0]. 818s [p11_child[2389]] [main] (0x2000): Running with real IDs [0][0]. 818s [p11_child[2389]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 818s [p11_child[2389]] [do_card] (0x4000): Module List: 818s [p11_child[2389]] [do_card] (0x4000): common name: [softhsm2]. 818s [p11_child[2389]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2389]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 818s [p11_child[2389]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 818s [p11_child[2389]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2389]] [do_card] (0x4000): Login required. 818s [p11_child[2389]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 818s [p11_child[2389]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 818s [p11_child[2389]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 818s [p11_child[2389]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3b5f0c0c;slot-manufacturer=SoftHSM%20project;slot-id=996084748;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=07fd89f4bb5f0c0c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 818s [p11_child[2389]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 818s [p11_child[2389]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 818s [p11_child[2389]] [do_card] (0x4000): Certificate verified and validated. 818s [p11_child[2389]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 818s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-7784-auth.output 818s + echo '-----BEGIN CERTIFICATE-----' 818s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-7784-auth.output 818s + echo '-----END CERTIFICATE-----' 818s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-7784-auth.pem 818s Certificate: 818s Data: 818s Version: 3 (0x2) 818s Serial Number: 5 (0x5) 818s Signature Algorithm: sha256WithRSAEncryption 818s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 818s Validity 818s Not Before: Mar 20 18:34:39 2024 GMT 818s Not After : Mar 20 18:34:39 2025 GMT 818s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 818s Subject Public Key Info: 818s Public Key Algorithm: rsaEncryption 818s Public-Key: (1024 bit) 818s Modulus: 818s 00:dd:a6:06:b1:32:3b:90:f5:76:21:31:f2:66:57: 818s ae:28:b8:c2:e9:9f:54:82:49:62:58:e4:7b:e0:4f: 818s 94:0b:d8:2f:a4:ae:f0:78:27:02:09:5a:c3:68:ea: 818s 49:ee:6e:2d:3c:a3:5a:4a:99:6f:19:0f:ce:1f:20: 818s 75:34:c9:1b:08:32:83:42:f9:24:41:95:88:23:39: 818s 31:18:58:48:a7:eb:67:78:ea:d2:7e:13:c2:a7:6b: 818s c8:48:04:54:f9:a0:6c:86:28:39:6a:57:f5:c1:7f: 818s 46:5d:19:da:f6:9e:4c:c9:41:27:2d:2f:b8:45:41: 818s 9b:4c:19:29:1a:dc:c4:19:37 818s Exponent: 65537 (0x10001) 818s X509v3 extensions: 818s X509v3 Authority Key Identifier: 818s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 818s X509v3 Basic Constraints: 818s CA:FALSE 818s Netscape Cert Type: 818s SSL Client, S/MIME 818s Netscape Comment: 818s Test Organization Sub Intermediate CA trusted Certificate 818s X509v3 Subject Key Identifier: 818s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 818s X509v3 Key Usage: critical 818s Digital Signature, Non Repudiation, Key Encipherment 818s X509v3 Extended Key Usage: 818s TLS Web Client Authentication, E-mail Protection 818s X509v3 Subject Alternative Name: 818s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 818s Signature Algorithm: sha256WithRSAEncryption 818s Signature Value: 818s 09:30:ae:37:02:22:ae:28:4c:76:52:65:1a:f6:91:5e:1e:9c: 818s e0:7d:8f:58:b7:2a:67:58:a6:15:8f:ea:31:81:f2:5b:1d:74: 818s 06:a5:8f:d5:9b:12:9e:0b:76:00:ef:b6:cb:83:cc:66:3b:b7: 818s ac:d1:1e:0a:a3:8a:35:27:1b:98:20:89:7b:81:7f:a1:37:4f: 818s 61:91:db:d2:3f:92:d3:c1:f1:f8:a4:3c:40:e7:9e:fd:91:18: 818s f1:23:3f:8b:7e:a8:31:94:e7:d3:0a:02:59:81:03:e9:0c:3a: 818s 6f:63:f0:c4:bc:84:9f:84:fc:83:af:36:3a:9b:61:f6:af:7a: 818s f3:fc 818s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-7784-auth.pem 818s + found_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 818s + '[' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 '!=' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 ']' 818s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 818s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 818s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 818s + local verify_option= 818s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local key_cn 818s + local key_name 818s + local tokens_dir 818s + local output_cert_file 818s + token_name= 818s ++ basename /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 818s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 818s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s ++ sed -n 's/ *commonName *= //p' 818s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 818s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 818s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 818s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 818s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 818s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 818s + token_name='Test Organization Sub Int Token' 818s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 818s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 818s + echo 'Test Organization Sub Int Token' 818s + '[' -n '' ']' 818s + local output_base_name=SSSD-child-18110 818s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-18110.output 818s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-18110.pem 818s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so '' --ca_db=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 818s Test Organization Sub Int Token 818s [p11_child[2399]] [main] (0x0400): p11_child started. 818s [p11_child[2399]] [main] (0x2000): Running in [pre-auth] mode. 818s [p11_child[2399]] [main] (0x2000): Running with effective IDs: [0][0]. 818s [p11_child[2399]] [main] (0x2000): Running with real IDs [0][0]. 818s [p11_child[2399]] [do_card] (0x4000): Module List: 818s [p11_child[2399]] [do_card] (0x4000): common name: [softhsm2]. 818s [p11_child[2399]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2399]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 818s [p11_child[2399]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 818s [p11_child[2399]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2399]] [do_card] (0x4000): Login NOT required. 818s [p11_child[2399]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 818s [p11_child[2399]] [do_verification] (0x0040): X509_verify_cert failed [0]. 818s [p11_child[2399]] [do_verification] (0x0040): X509_verify_cert failed [2][unable to get issuer certificate]. 818s [p11_child[2399]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 818s [p11_child[2399]] [do_card] (0x4000): No certificate found. 818s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-18110.output 818s + return 2 818s + invalid_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-root-intermediate-chain-CA.pem partial_chain 818s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-root-intermediate-chain-CA.pem partial_chain 818s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-root-intermediate-chain-CA.pem 818s + local verify_option=partial_chain 818s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local key_cn 818s + local key_name 818s + local tokens_dir 818s + local output_cert_file 818s + token_name= 818s ++ basename /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 818s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 818s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s ++ sed -n 's/ *commonName *= //p' 818s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 818s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 818s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 818s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 818s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 818s Test Organization Sub Int Token 818s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 818s + token_name='Test Organization Sub Int Token' 818s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 818s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 818s + echo 'Test Organization Sub Int Token' 818s + '[' -n partial_chain ']' 818s + local verify_arg=--verify=partial_chain 818s + local output_base_name=SSSD-child-20381 818s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-20381.output 818s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-20381.pem 818s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-root-intermediate-chain-CA.pem 818s [p11_child[2406]] [main] (0x0400): p11_child started. 818s [p11_child[2406]] [main] (0x2000): Running in [pre-auth] mode. 818s [p11_child[2406]] [main] (0x2000): Running with effective IDs: [0][0]. 818s [p11_child[2406]] [main] (0x2000): Running with real IDs [0][0]. 818s [p11_child[2406]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 818s [p11_child[2406]] [do_card] (0x4000): Module List: 818s [p11_child[2406]] [do_card] (0x4000): common name: [softhsm2]. 818s [p11_child[2406]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2406]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 818s [p11_child[2406]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 818s [p11_child[2406]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2406]] [do_card] (0x4000): Login NOT required. 818s [p11_child[2406]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 818s [p11_child[2406]] [do_verification] (0x0040): X509_verify_cert failed [0]. 818s [p11_child[2406]] [do_verification] (0x0040): X509_verify_cert failed [20][unable to get local issuer certificate]. 818s [p11_child[2406]] [read_certs] (0x0040): Certificate [Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] not valid, skipping. 818s [p11_child[2406]] [do_card] (0x4000): No certificate found. 818s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-20381.output 818s + return 2 818s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem partial_chain 818s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem partial_chain 818s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 818s + local verify_option=partial_chain 818s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 818s + local key_cn 818s + local key_name 818s + local tokens_dir 818s + local output_cert_file 818s + token_name= 818s ++ basename /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 818s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 818s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 818s ++ sed -n 's/ *commonName *= //p' 818s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 818s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 818s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 818s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 818s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 818s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 818s + token_name='Test Organization Sub Int Token' 818s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 818s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 818s + echo 'Test Organization Sub Int Token' 818s Test Organization Sub Int Token 818s + '[' -n partial_chain ']' 818s + local verify_arg=--verify=partial_chain 818s + local output_base_name=SSSD-child-6880 818s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-6880.output 818s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-6880.pem 818s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem 818s [p11_child[2413]] [main] (0x0400): p11_child started. 818s [p11_child[2413]] [main] (0x2000): Running in [pre-auth] mode. 818s [p11_child[2413]] [main] (0x2000): Running with effective IDs: [0][0]. 818s [p11_child[2413]] [main] (0x2000): Running with real IDs [0][0]. 818s [p11_child[2413]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 818s [p11_child[2413]] [do_card] (0x4000): Module List: 818s [p11_child[2413]] [do_card] (0x4000): common name: [softhsm2]. 818s [p11_child[2413]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2413]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 818s [p11_child[2413]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 818s [p11_child[2413]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 818s [p11_child[2413]] [do_card] (0x4000): Login NOT required. 818s [p11_child[2413]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 818s [p11_child[2413]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 818s [p11_child[2413]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 818s [p11_child[2413]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3b5f0c0c;slot-manufacturer=SoftHSM%20project;slot-id=996084748;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=07fd89f4bb5f0c0c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 818s [p11_child[2413]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 818s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-6880.output 818s + echo '-----BEGIN CERTIFICATE-----' 818s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-6880.output 818s + echo '-----END CERTIFICATE-----' 818s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-6880.pem 818s Certificate: 818s Data: 818s Version: 3 (0x2) 818s Serial Number: 5 (0x5) 818s Signature Algorithm: sha256WithRSAEncryption 818s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 818s Validity 818s Not Before: Mar 20 18:34:39 2024 GMT 818s Not After : Mar 20 18:34:39 2025 GMT 818s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 818s Subject Public Key Info: 818s Public Key Algorithm: rsaEncryption 818s Public-Key: (1024 bit) 818s Modulus: 818s 00:dd:a6:06:b1:32:3b:90:f5:76:21:31:f2:66:57: 818s ae:28:b8:c2:e9:9f:54:82:49:62:58:e4:7b:e0:4f: 818s 94:0b:d8:2f:a4:ae:f0:78:27:02:09:5a:c3:68:ea: 818s 49:ee:6e:2d:3c:a3:5a:4a:99:6f:19:0f:ce:1f:20: 818s 75:34:c9:1b:08:32:83:42:f9:24:41:95:88:23:39: 818s 31:18:58:48:a7:eb:67:78:ea:d2:7e:13:c2:a7:6b: 818s c8:48:04:54:f9:a0:6c:86:28:39:6a:57:f5:c1:7f: 818s 46:5d:19:da:f6:9e:4c:c9:41:27:2d:2f:b8:45:41: 818s 9b:4c:19:29:1a:dc:c4:19:37 818s Exponent: 65537 (0x10001) 818s X509v3 extensions: 818s X509v3 Authority Key Identifier: 818s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 818s X509v3 Basic Constraints: 818s CA:FALSE 818s Netscape Cert Type: 818s SSL Client, S/MIME 818s Netscape Comment: 818s Test Organization Sub Intermediate CA trusted Certificate 818s X509v3 Subject Key Identifier: 818s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 818s X509v3 Key Usage: critical 818s Digital Signature, Non Repudiation, Key Encipherment 818s X509v3 Extended Key Usage: 818s TLS Web Client Authentication, E-mail Protection 818s X509v3 Subject Alternative Name: 818s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 818s Signature Algorithm: sha256WithRSAEncryption 818s Signature Value: 818s 09:30:ae:37:02:22:ae:28:4c:76:52:65:1a:f6:91:5e:1e:9c: 818s e0:7d:8f:58:b7:2a:67:58:a6:15:8f:ea:31:81:f2:5b:1d:74: 818s 06:a5:8f:d5:9b:12:9e:0b:76:00:ef:b6:cb:83:cc:66:3b:b7: 818s ac:d1:1e:0a:a3:8a:35:27:1b:98:20:89:7b:81:7f:a1:37:4f: 818s 61:91:db:d2:3f:92:d3:c1:f1:f8:a4:3c:40:e7:9e:fd:91:18: 818s f1:23:3f:8b:7e:a8:31:94:e7:d3:0a:02:59:81:03:e9:0c:3a: 818s 6f:63:f0:c4:bc:84:9f:84:fc:83:af:36:3a:9b:61:f6:af:7a: 818s f3:fc 818s + local found_md5 expected_md5 818s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 819s + expected_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 819s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-6880.pem 819s + found_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 819s + '[' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 '!=' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 ']' 819s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-6880-auth.output 819s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-6880-auth.output .output 819s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-6880-auth.pem 819s + echo -n 053350 819s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 819s [p11_child[2421]] [main] (0x0400): p11_child started. 819s [p11_child[2421]] [main] (0x2000): Running in [auth] mode. 819s [p11_child[2421]] [main] (0x2000): Running with effective IDs: [0][0]. 819s [p11_child[2421]] [main] (0x2000): Running with real IDs [0][0]. 819s [p11_child[2421]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 819s [p11_child[2421]] [do_card] (0x4000): Module List: 819s [p11_child[2421]] [do_card] (0x4000): common name: [softhsm2]. 819s [p11_child[2421]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 819s [p11_child[2421]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 819s [p11_child[2421]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 819s [p11_child[2421]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 819s [p11_child[2421]] [do_card] (0x4000): Login required. 819s [p11_child[2421]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 819s [p11_child[2421]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 819s [p11_child[2421]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 819s [p11_child[2421]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3b5f0c0c;slot-manufacturer=SoftHSM%20project;slot-id=996084748;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=07fd89f4bb5f0c0c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 819s [p11_child[2421]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 819s [p11_child[2421]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 819s [p11_child[2421]] [do_card] (0x4000): Certificate verified and validated. 819s [p11_child[2421]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 819s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-6880-auth.output 819s + echo '-----BEGIN CERTIFICATE-----' 819s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-6880-auth.output 819s + echo '-----END CERTIFICATE-----' 819s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-6880-auth.pem 819s Certificate: 819s Data: 819s Version: 3 (0x2) 819s Serial Number: 5 (0x5) 819s Signature Algorithm: sha256WithRSAEncryption 819s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 819s Validity 819s Not Before: Mar 20 18:34:39 2024 GMT 819s Not After : Mar 20 18:34:39 2025 GMT 819s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 819s Subject Public Key Info: 819s Public Key Algorithm: rsaEncryption 819s Public-Key: (1024 bit) 819s Modulus: 819s 00:dd:a6:06:b1:32:3b:90:f5:76:21:31:f2:66:57: 819s ae:28:b8:c2:e9:9f:54:82:49:62:58:e4:7b:e0:4f: 819s 94:0b:d8:2f:a4:ae:f0:78:27:02:09:5a:c3:68:ea: 819s 49:ee:6e:2d:3c:a3:5a:4a:99:6f:19:0f:ce:1f:20: 819s 75:34:c9:1b:08:32:83:42:f9:24:41:95:88:23:39: 819s 31:18:58:48:a7:eb:67:78:ea:d2:7e:13:c2:a7:6b: 819s c8:48:04:54:f9:a0:6c:86:28:39:6a:57:f5:c1:7f: 819s 46:5d:19:da:f6:9e:4c:c9:41:27:2d:2f:b8:45:41: 819s 9b:4c:19:29:1a:dc:c4:19:37 819s Exponent: 65537 (0x10001) 819s X509v3 extensions: 819s X509v3 Authority Key Identifier: 819s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 819s X509v3 Basic Constraints: 819s CA:FALSE 819s Netscape Cert Type: 819s SSL Client, S/MIME 819s Netscape Comment: 819s Test Organization Sub Intermediate CA trusted Certificate 819s X509v3 Subject Key Identifier: 819s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 819s X509v3 Key Usage: critical 819s Digital Signature, Non Repudiation, Key Encipherment 819s X509v3 Extended Key Usage: 819s TLS Web Client Authentication, E-mail Protection 819s X509v3 Subject Alternative Name: 819s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 819s Signature Algorithm: sha256WithRSAEncryption 819s Signature Value: 819s 09:30:ae:37:02:22:ae:28:4c:76:52:65:1a:f6:91:5e:1e:9c: 819s e0:7d:8f:58:b7:2a:67:58:a6:15:8f:ea:31:81:f2:5b:1d:74: 819s 06:a5:8f:d5:9b:12:9e:0b:76:00:ef:b6:cb:83:cc:66:3b:b7: 819s ac:d1:1e:0a:a3:8a:35:27:1b:98:20:89:7b:81:7f:a1:37:4f: 819s 61:91:db:d2:3f:92:d3:c1:f1:f8:a4:3c:40:e7:9e:fd:91:18: 819s f1:23:3f:8b:7e:a8:31:94:e7:d3:0a:02:59:81:03:e9:0c:3a: 819s 6f:63:f0:c4:bc:84:9f:84:fc:83:af:36:3a:9b:61:f6:af:7a: 819s f3:fc 819s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-6880-auth.pem 819s + found_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 819s + '[' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 '!=' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 ']' 819s + valid_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-intermediate-sub-chain-CA.pem partial_chain 819s + check_certificate /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 /tmp/sssd-softhsm2-tcILm7/test-intermediate-sub-chain-CA.pem partial_chain 819s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 819s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 819s + local key_ring=/tmp/sssd-softhsm2-tcILm7/test-intermediate-sub-chain-CA.pem 819s + local verify_option=partial_chain 819s + prepare_softhsm2_card /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-29827 819s + local certificate=/tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 819s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-29827 819s + local key_cn 819s + local key_name 819s + local tokens_dir 819s + local output_cert_file 819s + token_name= 819s ++ basename /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 819s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 819s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 819s ++ sed -n 's/ *commonName *= //p' 819s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 819s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 819s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 819s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 819s ++ basename /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 819s + tokens_dir=/tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 819s + token_name='Test Organization Sub Int Token' 819s + '[' '!' -e /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 819s + '[' '!' -d /tmp/sssd-softhsm2-tcILm7/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 ']' 819s + echo 'Test Organization Sub Int Token' 819s Test Organization Sub Int Token 819s + '[' -n partial_chain ']' 819s + local verify_arg=--verify=partial_chain 819s + local output_base_name=SSSD-child-28185 819s + local output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-28185.output 819s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-28185.pem 819s + /usr/libexec/sssd/p11_child --pre -d 10 --logger=stderr --debug-fd=2 --module_name=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --verify=partial_chain --ca_db=/tmp/sssd-softhsm2-tcILm7/test-intermediate-sub-chain-CA.pem 819s [p11_child[2431]] [main] (0x0400): p11_child started. 819s [p11_child[2431]] [main] (0x2000): Running in [pre-auth] mode. 819s [p11_child[2431]] [main] (0x2000): Running with effective IDs: [0][0]. 819s [p11_child[2431]] [main] (0x2000): Running with real IDs [0][0]. 819s [p11_child[2431]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 819s [p11_child[2431]] [do_card] (0x4000): Module List: 819s [p11_child[2431]] [do_card] (0x4000): common name: [softhsm2]. 819s [p11_child[2431]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 819s [p11_child[2431]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 819s [p11_child[2431]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 819s [p11_child[2431]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 819s [p11_child[2431]] [do_card] (0x4000): Login NOT required. 819s [p11_child[2431]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 819s [p11_child[2431]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 819s [p11_child[2431]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so (null) Test Organization Sub Int Token (null) - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 819s [p11_child[2431]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3b5f0c0c;slot-manufacturer=SoftHSM%20project;slot-id=996084748;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=07fd89f4bb5f0c0c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 819s [p11_child[2431]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 819s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-28185.output 819s + echo '-----BEGIN CERTIFICATE-----' 819s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-28185.output 819s + echo '-----END CERTIFICATE-----' 819s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-28185.pem 819s Certificate: 819s Data: 819s Version: 3 (0x2) 819s Serial Number: 5 (0x5) 819s Signature Algorithm: sha256WithRSAEncryption 819s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 819s Validity 819s Not Before: Mar 20 18:34:39 2024 GMT 819s Not After : Mar 20 18:34:39 2025 GMT 819s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 819s Subject Public Key Info: 819s Public Key Algorithm: rsaEncryption 819s Public-Key: (1024 bit) 819s Modulus: 819s 00:dd:a6:06:b1:32:3b:90:f5:76:21:31:f2:66:57: 819s ae:28:b8:c2:e9:9f:54:82:49:62:58:e4:7b:e0:4f: 819s 94:0b:d8:2f:a4:ae:f0:78:27:02:09:5a:c3:68:ea: 819s 49:ee:6e:2d:3c:a3:5a:4a:99:6f:19:0f:ce:1f:20: 819s 75:34:c9:1b:08:32:83:42:f9:24:41:95:88:23:39: 819s 31:18:58:48:a7:eb:67:78:ea:d2:7e:13:c2:a7:6b: 819s c8:48:04:54:f9:a0:6c:86:28:39:6a:57:f5:c1:7f: 819s 46:5d:19:da:f6:9e:4c:c9:41:27:2d:2f:b8:45:41: 819s 9b:4c:19:29:1a:dc:c4:19:37 819s Exponent: 65537 (0x10001) 819s X509v3 extensions: 819s X509v3 Authority Key Identifier: 819s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 819s X509v3 Basic Constraints: 819s CA:FALSE 819s Netscape Cert Type: 819s SSL Client, S/MIME 819s Netscape Comment: 819s Test Organization Sub Intermediate CA trusted Certificate 819s X509v3 Subject Key Identifier: 819s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 819s X509v3 Key Usage: critical 819s Digital Signature, Non Repudiation, Key Encipherment 819s X509v3 Extended Key Usage: 819s TLS Web Client Authentication, E-mail Protection 819s X509v3 Subject Alternative Name: 819s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 819s Signature Algorithm: sha256WithRSAEncryption 819s Signature Value: 819s 09:30:ae:37:02:22:ae:28:4c:76:52:65:1a:f6:91:5e:1e:9c: 819s e0:7d:8f:58:b7:2a:67:58:a6:15:8f:ea:31:81:f2:5b:1d:74: 819s 06:a5:8f:d5:9b:12:9e:0b:76:00:ef:b6:cb:83:cc:66:3b:b7: 819s ac:d1:1e:0a:a3:8a:35:27:1b:98:20:89:7b:81:7f:a1:37:4f: 819s 61:91:db:d2:3f:92:d3:c1:f1:f8:a4:3c:40:e7:9e:fd:91:18: 819s f1:23:3f:8b:7e:a8:31:94:e7:d3:0a:02:59:81:03:e9:0c:3a: 819s 6f:63:f0:c4:bc:84:9f:84:fc:83:af:36:3a:9b:61:f6:af:7a: 819s f3:fc 819s + local found_md5 expected_md5 819s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/test-sub-intermediate-CA-trusted-certificate-0001.pem 819s + expected_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 819s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-28185.pem 819s + found_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 819s + '[' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 '!=' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 ']' 819s + output_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-28185-auth.output 819s ++ basename /tmp/sssd-softhsm2-tcILm7/SSSD-child-28185-auth.output .output 819s + output_cert_file=/tmp/sssd-softhsm2-tcILm7/SSSD-child-28185-auth.pem 819s + echo -n 053350 819s + /usr/libexec/sssd/p11_child --auth -d 10 --debug-fd=2 --ca_db=/tmp/sssd-softhsm2-tcILm7/test-intermediate-sub-chain-CA.pem --pin --key_id 00112233445566778899FFAABBCCDDEEFF012345 --verify=partial_chain --token_name 'Test Organization Sub Int Token' --module_name /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 819s [p11_child[2439]] [main] (0x0400): p11_child started. 819s [p11_child[2439]] [main] (0x2000): Running in [auth] mode. 819s [p11_child[2439]] [main] (0x2000): Running with effective IDs: [0][0]. 819s [p11_child[2439]] [main] (0x2000): Running with real IDs [0][0]. 819s [p11_child[2439]] [parse_cert_verify_opts] (0x4000): Found 'partial_chain' option, verification will not fail if a complete chain cannot be built to a self-signed trust-anchor, provided it is possible to construct a chain to a trusted certificate that might not be self-signed. 819s [p11_child[2439]] [do_card] (0x4000): Module List: 819s [p11_child[2439]] [do_card] (0x4000): common name: [softhsm2]. 819s [p11_child[2439]] [do_card] (0x4000): dll name: [/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 819s [p11_child[2439]] [do_card] (0x4000): Description [SoftHSM slot ID 0x3b5f0c0c] Manufacturer [SoftHSM project] flags [3] removable [true] token present [true]. 819s [p11_child[2439]] [do_card] (0x4000): Token label [Test Organization Sub Int Token]. 819s [p11_child[2439]] [do_card] (0x4000): Found [Test Organization Sub Int Token] in slot [SoftHSM slot ID 0x3b5f0c0c][996084748] of module [0][/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so]. 819s [p11_child[2439]] [do_card] (0x4000): Login required. 819s [p11_child[2439]] [read_certs] (0x4000): found cert[Test Organization Sub Intermediate Trusted Certificate 0001][/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Sub Intermediate Trusted Certificate 0001] 819s [p11_child[2439]] [do_ocsp] (0x0020): No OCSP URL in certificate and no default responder defined, skipping OCSP check. 819s [p11_child[2439]] [do_card] (0x4000): /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so Test Organization Sub Int Token Test Organization Sub Int Token 00112233445566778899FFAABBCCDDEEFF012345 - no label given- 00112233445566778899FFAABBCCDDEEFF012345. 819s [p11_child[2439]] [do_card] (0x4000): uri: pkcs11:library-description=Implementation%20of%20PKCS11;library-manufacturer=SoftHSM;library-version=2.6;slot-description=SoftHSM%20slot%20ID%200x3b5f0c0c;slot-manufacturer=SoftHSM%20project;slot-id=996084748;model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=07fd89f4bb5f0c0c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4226]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4357]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4229]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4234]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4230]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4225]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4356]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4231]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4224]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8457]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8458]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [304]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [307]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4355]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [310]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [312]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [306]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4354]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [305]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [290]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4353]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [293]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [289]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4352]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [288]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [33]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [32]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8193]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [17]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [16]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [8192]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [18]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [19]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [20]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [21]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [22]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4176]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4161]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4181]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4160]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [4183]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [848]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [528]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [529]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [5]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [1]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [0]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [9]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [13]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [3]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [6]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [14]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [597]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [598]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [70]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [71]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [592]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [593]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [64]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [67]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [608]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [609]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [65]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [68]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [624]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [625]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [66]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [69]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [544]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x4000): Found mechanism [545]. 819s [p11_child[2439]] [get_preferred_rsa_mechanism] (0x0200): Using PKCS#11 mechanism [66][CKM_SHA512_RSA_PKCS] with message digest [sha512]. 819s [p11_child[2439]] [sign_data] (0x4000): Found RSA key using mechanism [66]. 819s [p11_child[2439]] [do_card] (0x4000): Certificate verified and validated. 819s [p11_child[2439]] [do_card] (0x4000): Found certificate has key id [00112233445566778899FFAABBCCDDEEFF012345]. 819s + grep -qs 00112233445566778899FFAABBCCDDEEFF012345 /tmp/sssd-softhsm2-tcILm7/SSSD-child-28185-auth.output 819s + echo '-----BEGIN CERTIFICATE-----' 819s + tail -n1 /tmp/sssd-softhsm2-tcILm7/SSSD-child-28185-auth.output 819s + echo '-----END CERTIFICATE-----' 819s + openssl x509 -text -noout -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-28185-auth.pem 819s Certificate: 819s Data: 819s Version: 3 (0x2) 819s Serial Number: 5 (0x5) 819s Signature Algorithm: sha256WithRSAEncryption 819s Issuer: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 819s Validity 819s Not Before: Mar 20 18:34:39 2024 GMT 819s Not After : Mar 20 18:34:39 2025 GMT 819s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 819s Subject Public Key Info: 819s Public Key Algorithm: rsaEncryption 819s Public-Key: (1024 bit) 819s Modulus: 819s 00:dd:a6:06:b1:32:3b:90:f5:76:21:31:f2:66:57: 819s ae:28:b8:c2:e9:9f:54:82:49:62:58:e4:7b:e0:4f: 819s 94:0b:d8:2f:a4:ae:f0:78:27:02:09:5a:c3:68:ea: 819s 49:ee:6e:2d:3c:a3:5a:4a:99:6f:19:0f:ce:1f:20: 819s 75:34:c9:1b:08:32:83:42:f9:24:41:95:88:23:39: 819s 31:18:58:48:a7:eb:67:78:ea:d2:7e:13:c2:a7:6b: 819s c8:48:04:54:f9:a0:6c:86:28:39:6a:57:f5:c1:7f: 819s 46:5d:19:da:f6:9e:4c:c9:41:27:2d:2f:b8:45:41: 819s 9b:4c:19:29:1a:dc:c4:19:37 819s Exponent: 65537 (0x10001) 819s X509v3 extensions: 819s X509v3 Authority Key Identifier: 819s F9:57:6C:50:D2:EE:83:DE:A1:CE:5F:16:1E:6E:78:BD:56:CD:C4:A6 819s X509v3 Basic Constraints: 819s CA:FALSE 819s Netscape Cert Type: 819s SSL Client, S/MIME 819s Netscape Comment: 819s Test Organization Sub Intermediate CA trusted Certificate 819s X509v3 Subject Key Identifier: 819s B0:B0:20:3D:EE:CE:E7:E5:22:7C:74:71:41:F7:00:D2:7B:FC:58:0D 819s X509v3 Key Usage: critical 819s Digital Signature, Non Repudiation, Key Encipherment 819s X509v3 Extended Key Usage: 819s TLS Web Client Authentication, E-mail Protection 819s X509v3 Subject Alternative Name: 819s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 819s Signature Algorithm: sha256WithRSAEncryption 819s Signature Value: 819s 09:30:ae:37:02:22:ae:28:4c:76:52:65:1a:f6:91:5e:1e:9c: 819s e0:7d:8f:58:b7:2a:67:58:a6:15:8f:ea:31:81:f2:5b:1d:74: 819s 06:a5:8f:d5:9b:12:9e:0b:76:00:ef:b6:cb:83:cc:66:3b:b7: 819s ac:d1:1e:0a:a3:8a:35:27:1b:98:20:89:7b:81:7f:a1:37:4f: 819s 61:91:db:d2:3f:92:d3:c1:f1:f8:a4:3c:40:e7:9e:fd:91:18: 819s f1:23:3f:8b:7e:a8:31:94:e7:d3:0a:02:59:81:03:e9:0c:3a: 819s 6f:63:f0:c4:bc:84:9f:84:fc:83:af:36:3a:9b:61:f6:af:7a: 819s f3:fc 819s ++ openssl x509 -noout -modulus -in /tmp/sssd-softhsm2-tcILm7/SSSD-child-28185-auth.pem 819s + found_md5=Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 819s 819s Test completed, Root CA and intermediate issued certificates verified! 819s + '[' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 '!=' Modulus=DDA606B1323B90F5762131F26657AE28B8C2E99F5482496258E47BE04F940BD82FA4AEF0782702095AC368EA49EE6E2D3CA35A4A996F190FCE1F207534C91B08328342F924419588233931185848A7EB6778EAD27E13C2A76BC8480454F9A06C8628396A57F5C17F465D19DAF69E4CC941272D2FB845419B4C19291ADCC41937 ']' 819s + set +x 820s autopkgtest [18:34:48]: test sssd-softhism2-certificates-tests.sh: -----------------------] 821s autopkgtest [18:34:49]: test sssd-softhism2-certificates-tests.sh: - - - - - - - - - - results - - - - - - - - - - 821s sssd-softhism2-certificates-tests.sh PASS 821s autopkgtest [18:34:49]: test sssd-smart-card-pam-auth-configs: preparing testbed 831s Reading package lists... 832s Building dependency tree... 832s Reading state information... 832s Starting pkgProblemResolver with broken count: 0 832s Starting 2 pkgProblemResolver with broken count: 0 832s Done 833s The following additional packages will be installed: 833s pamtester 833s The following NEW packages will be installed: 833s autopkgtest-satdep pamtester 833s 0 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. 833s Need to get 12.3 kB/13.0 kB of archives. 833s After this operation, 36.9 kB of additional disk space will be used. 833s Get:1 /tmp/autopkgtest.YVHgdk/4-autopkgtest-satdep.deb autopkgtest-satdep arm64 0 [760 B] 833s Get:2 http://ftpmaster.internal/ubuntu noble/universe arm64 pamtester arm64 0.1.2-4 [12.3 kB] 834s Fetched 12.3 kB in 0s (51.3 kB/s) 834s Selecting previously unselected package pamtester. 834s (Reading database ... (Reading database ... 5% (Reading database ... 10% (Reading database ... 15% (Reading database ... 20% (Reading database ... 25% (Reading database ... 30% (Reading database ... 35% (Reading database ... 40% (Reading database ... 45% (Reading database ... 50% (Reading database ... 55% (Reading database ... 60% (Reading database ... 65% (Reading database ... 70% (Reading database ... 75% (Reading database ... 80% (Reading database ... 85% (Reading database ... 90% (Reading database ... 95% (Reading database ... 100% (Reading database ... 76441 files and directories currently installed.) 834s Preparing to unpack .../pamtester_0.1.2-4_arm64.deb ... 834s Unpacking pamtester (0.1.2-4) ... 834s Selecting previously unselected package autopkgtest-satdep. 834s Preparing to unpack .../4-autopkgtest-satdep.deb ... 834s Unpacking autopkgtest-satdep (0) ... 834s Setting up pamtester (0.1.2-4) ... 834s Setting up autopkgtest-satdep (0) ... 834s Processing triggers for man-db (2.12.0-3) ... 839s (Reading database ... 76447 files and directories currently installed.) 839s Removing autopkgtest-satdep (0) ... 840s autopkgtest [18:35:08]: test sssd-smart-card-pam-auth-configs: env OFFLINE_MODE=1 bash debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 840s autopkgtest [18:35:08]: test sssd-smart-card-pam-auth-configs: [----------------------- 840s + '[' -z ubuntu ']' 840s + export DEBIAN_FRONTEND=noninteractive 840s + DEBIAN_FRONTEND=noninteractive 840s + required_tools=(pamtester softhsm2-util sssd) 840s + [[ ! -v OFFLINE_MODE ]] 840s + for cmd in "${required_tools[@]}" 840s + command -v pamtester 840s + for cmd in "${required_tools[@]}" 840s + command -v softhsm2-util 840s + for cmd in "${required_tools[@]}" 840s + command -v sssd 840s + PIN=123456 840s ++ mktemp -d -t sssd-softhsm2-certs-XXXXXX 840s + tmpdir=/tmp/sssd-softhsm2-certs-rzEsEj 840s + backupsdir= 840s + alternative_pam_configs=(sss-smart-card-optional sss-smart-card-required) 840s + declare -a restore_paths 840s + declare -a delete_paths 840s + trap handle_exit EXIT 840s ++ dirname debian/tests/sssd-smart-card-pam-auth-configs-tester.sh 840s + tester=debian/tests/sssd-softhism2-certificates-tests.sh 840s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 840s + '[' '!' -e debian/tests/sssd-softhism2-certificates-tests.sh ']' 840s + export PIN TEST_TMPDIR=/tmp/sssd-softhsm2-certs-rzEsEj GENERATE_SMART_CARDS=1 KEEP_TEMPORARY_FILES=1 NO_SSSD_TESTS=1 840s + TEST_TMPDIR=/tmp/sssd-softhsm2-certs-rzEsEj 840s + GENERATE_SMART_CARDS=1 840s + KEEP_TEMPORARY_FILES=1 840s + NO_SSSD_TESTS=1 840s + bash debian/tests/sssd-softhism2-certificates-tests.sh 840s + '[' -z ubuntu ']' 840s + required_tools=(p11tool openssl softhsm2-util) 840s + for cmd in "${required_tools[@]}" 840s + command -v p11tool 840s + for cmd in "${required_tools[@]}" 840s + command -v openssl 840s + for cmd in "${required_tools[@]}" 840s + command -v softhsm2-util 840s + PIN=123456 840s +++ find /usr/lib/softhsm/libsofthsm2.so 840s +++ head -n 1 840s ++ realpath /usr/lib/softhsm/libsofthsm2.so 840s + SOFTHSM2_MODULE=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so 840s + SSSD_P11_CHILD=/usr/libexec/sssd/p11_child 840s + TOKEN_ID=00112233445566778899FFAABBCCDDEEFF012345 840s + '[' '!' -v NO_SSSD_TESTS ']' 840s + '[' '!' -e /usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so ']' 840s + tmpdir=/tmp/sssd-softhsm2-certs-rzEsEj 840s + keys_size=1024 840s + [[ ! -v KEEP_TEMPORARY_FILES ]] 840s + trap 'set +x; echo -e "\nUnexpected failure!!!"' ERR 840s + echo -n 01 840s + touch /tmp/sssd-softhsm2-certs-rzEsEj/index.txt 840s + mkdir -p /tmp/sssd-softhsm2-certs-rzEsEj/new_certs 840s + cat 840s + root_ca_key_pass=pass:random-root-CA-password-24840 840s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-key.pem -passout pass:random-root-CA-password-24840 1024 840s + openssl req -passin pass:random-root-CA-password-24840 -batch -config /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.config -x509 -new -nodes -key /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-key.pem -sha256 -days 1024 -set_serial 0 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.pem 840s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.pem 840s + cat 840s + intermediate_ca_key_pass=pass:random-intermediate-CA-password-25322 840s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-25322 1024 840s + openssl req -batch -new -nodes -passin pass:random-intermediate-CA-password-25322 -config /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-key.pem -passout pass:random-root-CA-password-24840 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-certificate-request.pem 840s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-certificate-request.pem 840s Certificate Request: 840s Data: 840s Version: 1 (0x0) 840s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 840s Subject Public Key Info: 840s Public Key Algorithm: rsaEncryption 840s Public-Key: (1024 bit) 840s Modulus: 840s 00:b4:03:06:4d:8a:0a:38:15:ba:cf:b9:27:f9:ca: 840s 61:40:77:6d:a6:30:ae:2b:85:e9:1d:94:7d:3b:21: 840s 9e:d1:09:a4:f5:86:83:82:d4:d2:9b:af:2d:0d:03: 840s c5:9a:70:36:cb:fc:7d:56:e1:3f:91:f8:28:be:43: 840s 36:73:1d:8b:ad:46:95:6a:7d:ff:e0:e4:1b:b4:b7: 840s 9b:98:83:d5:db:71:31:45:05:2b:b5:db:6d:93:4c: 840s 58:50:e3:de:cc:62:83:57:06:b7:ad:f2:c0:9b:2f: 840s 8d:ad:89:ce:d4:db:74:8c:5e:5f:4b:46:f3:9b:58: 840s 75:b2:c4:65:47:78:8b:78:c5 840s Exponent: 65537 (0x10001) 840s Attributes: 840s (none) 840s Requested Extensions: 840s Signature Algorithm: sha256WithRSAEncryption 840s Signature Value: 840s 7f:59:55:89:0b:03:08:2f:7b:61:01:6d:a7:46:33:e3:24:8c: 840s a8:7f:08:1c:f8:7b:4b:5d:fd:74:0b:9f:69:ad:3b:04:ae:69: 840s 47:f4:a6:c6:2b:0c:05:ca:98:0e:6b:af:ae:7d:1e:b3:af:dc: 840s bc:11:95:78:7f:34:05:60:42:3b:50:60:49:c5:00:4a:7d:7c: 840s ba:d9:58:36:4f:76:c0:6a:79:d4:19:df:62:b4:5e:06:3d:44: 840s 0a:e0:5c:01:2c:c0:6b:81:df:f0:29:dd:57:b5:c7:e6:85:05: 840s 1f:af:93:ff:35:eb:c8:fb:a4:46:6d:5c:e8:a0:d1:19:cc:5a: 840s f2:d4 840s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.config -passin pass:random-root-CA-password-24840 -keyfile /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem 840s Using configuration from /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.config 840s Check that the request matches the signature 840s Signature ok 840s Certificate Details: 840s Serial Number: 1 (0x1) 840s Validity 840s Not Before: Mar 20 18:35:08 2024 GMT 840s Not After : Mar 20 18:35:08 2025 GMT 840s Subject: 840s organizationName = Test Organization 840s organizationalUnitName = Test Organization Unit 840s commonName = Test Organization Intermediate CA 840s X509v3 extensions: 840s X509v3 Subject Key Identifier: 840s 31:37:47:ED:BA:89:13:31:61:71:53:6A:88:C5:B2:60:0A:6B:4F:6C 840s X509v3 Authority Key Identifier: 840s keyid:6D:ED:05:70:8A:36:2F:68:0A:49:F7:BD:DB:D6:7B:67:2E:EE:93:25 840s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 840s serial:00 840s X509v3 Basic Constraints: 840s CA:TRUE 840s X509v3 Key Usage: critical 840s Digital Signature, Certificate Sign, CRL Sign 840s Certificate is to be certified until Mar 20 18:35:08 2025 GMT (365 days) 840s 840s Write out database with 1 new entries 840s Database updated 840s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem 840s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem 840s /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem: OK 840s + cat 840s + sub_intermediate_ca_key_pass=pass:random-sub-intermediate-CA-password-4987 840s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-key.pem -passout pass:random-sub-intermediate-CA-password-4987 1024 840s + openssl req -batch -new -nodes -passin pass:random-sub-intermediate-CA-password-4987 -config /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.config -key /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-key.pem -passout pass:random-intermediate-CA-password-25322 -sha256 -extensions v3_ca -out /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-certificate-request.pem 840s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-certificate-request.pem 840s Certificate Request: 840s Data: 840s Version: 1 (0x0) 840s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 840s Subject Public Key Info: 840s Public Key Algorithm: rsaEncryption 840s Public-Key: (1024 bit) 840s Modulus: 840s 00:c4:4d:92:52:cc:7b:14:60:f7:88:83:17:4a:e7: 840s 81:cd:f2:06:58:82:b2:fe:ee:5f:60:f8:ae:69:1c: 840s ba:43:5e:65:9f:94:27:21:66:67:16:13:ed:47:e0: 840s 0b:13:d9:1a:8a:f5:f2:95:2b:7e:86:6c:04:e7:d4: 840s 88:9a:33:76:f0:02:20:aa:b9:b9:a5:01:96:f9:a8: 840s 45:21:cd:4d:10:51:bf:79:1c:ca:4a:51:7e:db:3f: 840s 6f:29:11:e2:c8:e5:a9:19:0c:63:d1:cc:62:f8:65: 840s a5:e1:e7:07:ec:5a:4b:2f:17:e1:f1:4b:c9:18:d2: 840s a6:04:f9:43:5b:ab:8d:ba:21 840s Exponent: 65537 (0x10001) 840s Attributes: 840s (none) 840s Requested Extensions: 840s Signature Algorithm: sha256WithRSAEncryption 840s Signature Value: 840s 4a:b0:fe:a8:4b:f5:ec:45:b7:50:e4:67:1f:2d:67:e5:9b:8f: 840s dc:68:d4:e9:bf:8c:7b:fb:41:7f:d5:17:69:0f:1a:6c:35:0f: 840s 16:90:44:f8:df:62:e8:c9:10:fb:37:96:36:72:b8:ee:3e:40: 840s ef:f3:d7:94:ce:e0:aa:39:f1:f8:65:ce:dc:bf:1b:b8:99:42: 840s 49:fe:32:ee:9f:d9:0b:ce:bb:33:6f:a1:78:ad:ae:12:7c:b6: 840s a1:0d:6c:61:58:1d:3c:f3:3a:31:17:fe:77:65:12:f9:fa:2d: 840s d5:f9:e8:02:d4:b8:77:8e:a2:fd:7c:3f:6e:72:da:d5:b9:85: 840s 08:4f 840s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.config -passin pass:random-intermediate-CA-password-25322 -keyfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-certificate-request.pem -days 365 -extensions v3_intermediate_ca -out /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem 840s Using configuration from /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.config 840s Check that the request matches the signature 840s Signature ok 840s Certificate Details: 840s Serial Number: 2 (0x2) 840s Validity 840s Not Before: Mar 20 18:35:08 2024 GMT 840s Not After : Mar 20 18:35:08 2025 GMT 840s Subject: 840s organizationName = Test Organization 840s organizationalUnitName = Test Organization Unit 840s commonName = Test Organization Sub Intermediate CA 840s X509v3 extensions: 840s X509v3 Subject Key Identifier: 840s 18:03:67:2B:9C:F6:5D:CE:99:19:F3:85:F6:31:0A:D3:14:E6:E2:96 840s X509v3 Authority Key Identifier: 840s keyid:31:37:47:ED:BA:89:13:31:61:71:53:6A:88:C5:B2:60:0A:6B:4F:6C 840s DirName:/O=Test Organization/OU=Test Organization Unit/CN=Test Organization Root CA 840s serial:01 840s X509v3 Basic Constraints: 840s CA:TRUE 840s X509v3 Key Usage: critical 840s Digital Signature, Certificate Sign, CRL Sign 840s Certificate is to be certified until Mar 20 18:35:08 2025 GMT (365 days) 840s 840s Write out database with 1 new entries 840s Database updated 840s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem 841s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem 841s /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem: OK 841s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem 841s + local cmd=openssl 841s + shift 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem 841s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 841s error 20 at 0 depth lookup: unable to get local issuer certificate 841s error /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem: verification failed 841s + cat 841s + root_ca_trusted_cert_0001_key_pass=pass:random-root-ca-trusted-cert-0001-31421 841s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-key.pem -passout pass:random-root-ca-trusted-cert-0001-31421 1024 841s + openssl req -new -nodes -reqexts req_exts -passin pass:random-root-ca-trusted-cert-0001-31421 -key /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-request.pem 841s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-request.pem 841s Certificate Request: 841s Data: 841s Version: 1 (0x0) 841s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 841s Subject Public Key Info: 841s Public Key Algorithm: rsaEncryption 841s Public-Key: (1024 bit) 841s Modulus: 841s 00:c5:8a:1f:c1:8c:f6:4a:05:18:d2:32:cf:b5:82: 841s 3d:62:11:bf:51:46:1c:e8:df:b3:5a:9a:7d:7e:41: 841s c5:85:f3:43:8d:21:2c:b6:e1:38:f7:b9:4a:1f:23: 841s b8:67:3c:93:a6:48:bd:b1:30:59:e0:fd:82:fc:65: 841s d6:e6:0b:94:5e:aa:2c:99:a6:51:2f:d9:a9:5a:3e: 841s f1:1d:91:d2:62:30:c6:1a:9f:c0:91:53:62:c6:56: 841s be:eb:c5:7b:d6:bc:76:aa:c4:45:b0:f2:73:bd:43: 841s 6e:e8:a6:e5:de:ec:35:e3:92:0c:c0:a7:83:1b:90: 841s 02:82:35:a2:85:42:d4:c0:bd 841s Exponent: 65537 (0x10001) 841s Attributes: 841s Requested Extensions: 841s X509v3 Basic Constraints: 841s CA:FALSE 841s Netscape Cert Type: 841s SSL Client, S/MIME 841s Netscape Comment: 841s Test Organization Root CA trusted Certificate 841s X509v3 Subject Key Identifier: 841s CE:3A:F2:2A:AD:81:28:51:04:6E:2C:DC:CF:8B:78:21:DD:50:CC:8E 841s X509v3 Key Usage: critical 841s Digital Signature, Non Repudiation, Key Encipherment 841s X509v3 Extended Key Usage: 841s TLS Web Client Authentication, E-mail Protection 841s X509v3 Subject Alternative Name: 841s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 841s Signature Algorithm: sha256WithRSAEncryption 841s Signature Value: 841s 74:71:fb:75:01:52:e1:5f:2c:9f:5f:6b:f1:c6:de:ab:0a:d9: 841s 16:29:a2:5a:53:b9:a3:b7:fa:0a:03:f7:10:cd:3f:05:7a:ea: 841s be:b0:ba:4d:e8:f2:09:ac:56:b8:26:9d:a8:d8:c6:a5:93:f9: 841s 41:61:f4:a8:a2:46:c5:26:5a:17:6e:0b:4b:40:e6:f0:fc:43: 841s ac:45:e8:b9:30:59:9b:93:2a:53:a3:9f:6e:3a:56:bc:80:c0: 841s 33:59:ad:c3:e8:2d:dc:f1:2b:47:78:4c:d4:6a:72:ef:62:a7: 841s 45:a0:49:9c:97:ab:ff:00:d0:e7:04:7e:3a:58:b3:97:ba:7a: 841s 33:71 841s + openssl ca -batch -notext -config /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.config -passin pass:random-root-CA-password-24840 -keyfile /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-key.pem -in /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem 841s Using configuration from /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.config 841s Check that the request matches the signature 841s Signature ok 841s Certificate Details: 841s Serial Number: 3 (0x3) 841s Validity 841s Not Before: Mar 20 18:35:09 2024 GMT 841s Not After : Mar 20 18:35:09 2025 GMT 841s Subject: 841s organizationName = Test Organization 841s organizationalUnitName = Test Organization Unit 841s commonName = Test Organization Root Trusted Certificate 0001 841s X509v3 extensions: 841s X509v3 Authority Key Identifier: 841s 6D:ED:05:70:8A:36:2F:68:0A:49:F7:BD:DB:D6:7B:67:2E:EE:93:25 841s X509v3 Basic Constraints: 841s CA:FALSE 841s Netscape Cert Type: 841s SSL Client, S/MIME 841s Netscape Comment: 841s Test Organization Root CA trusted Certificate 841s X509v3 Subject Key Identifier: 841s CE:3A:F2:2A:AD:81:28:51:04:6E:2C:DC:CF:8B:78:21:DD:50:CC:8E 841s X509v3 Key Usage: critical 841s Digital Signature, Non Repudiation, Key Encipherment 841s X509v3 Extended Key Usage: 841s TLS Web Client Authentication, E-mail Protection 841s X509v3 Subject Alternative Name: 841s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 841s Certificate is to be certified until Mar 20 18:35:09 2025 GMT (365 days) 841s 841s Write out database with 1 new entries 841s Database updated 841s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem 841s /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem: OK 841s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem 841s + local cmd=openssl 841s + shift 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem 841s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root Trusted Certificate 0001 841s error 20 at 0 depth lookup: unable to get local issuer certificate 841s error /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem: verification failed 841s + cat 841s + intermediate_ca_trusted_cert_0001_key_pass=pass:random-intermediate-ca-trusted-cert-0001-8453 841s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-intermediate-ca-trusted-cert-0001-8453 1024 841s + openssl req -new -nodes -reqexts req_exts -passin pass:random-intermediate-ca-trusted-cert-0001-8453 -key /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-request.pem 841s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-request.pem 841s Certificate Request: 841s Data: 841s Version: 1 (0x0) 841s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate Trusted Certificate 0001 841s Subject Public Key Info: 841s Public Key Algorithm: rsaEncryption 841s Public-Key: (1024 bit) 841s Modulus: 841s 00:9a:bb:fe:aa:43:df:96:b5:4e:b5:1d:d5:07:09: 841s 67:a3:19:db:74:b4:d7:95:ae:12:e9:b6:f4:cc:03: 841s 1f:66:da:dc:55:98:75:b1:23:d1:5f:bc:2d:7d:7e: 841s fc:3b:43:17:f7:c6:0d:ec:49:e3:56:4d:b2:f9:39: 841s 1d:02:20:fa:eb:a2:d4:c7:4a:03:27:29:e7:c9:a2: 841s c3:d5:39:d6:2e:7e:56:95:71:e6:91:05:21:48:9e: 841s 90:15:80:e1:8b:56:1f:c7:32:b8:57:e3:a8:b1:2a: 841s 8d:35:a3:44:eb:ae:72:c9:6a:7c:6d:f1:9a:fe:85: 841s 39:65:b0:a5:3d:ce:be:51:dd 841s Exponent: 65537 (0x10001) 841s Attributes: 841s Requested Extensions: 841s X509v3 Basic Constraints: 841s CA:FALSE 841s Netscape Cert Type: 841s SSL Client, S/MIME 841s Netscape Comment: 841s Test Organization Intermediate CA trusted Certificate 841s X509v3 Subject Key Identifier: 841s D0:1D:96:E3:2A:74:22:D8:5D:8F:78:5E:D7:D3:67:C1:62:7B:D1:7F 841s X509v3 Key Usage: critical 841s Digital Signature, Non Repudiation, Key Encipherment 841s X509v3 Extended Key Usage: 841s TLS Web Client Authentication, E-mail Protection 841s X509v3 Subject Alternative Name: 841s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 841s Signature Algorithm: sha256WithRSAEncryption 841s Signature Value: 841s 97:21:4c:f1:13:c1:d4:01:ea:22:27:7a:d6:e4:9d:04:0b:1b: 841s c7:fa:0a:08:58:f8:19:59:1e:52:9c:3b:b3:77:66:e4:47:00: 841s 4d:e1:af:cd:67:22:fe:f7:e8:fe:ac:3b:e6:30:42:97:5e:88: 841s e8:b2:a4:5a:c0:c6:cf:98:b4:9d:db:bd:14:fc:a4:7b:cf:28: 841s 81:ca:6a:c3:d2:87:97:82:1f:17:90:db:9f:30:64:4a:66:26: 841s 14:cd:e6:7a:d7:c2:57:e1:99:db:de:c9:53:94:f5:35:79:6b: 841s 9a:3d:55:1d:5e:0e:96:32:18:13:ba:16:65:d8:81:eb:be:a6: 841s 33:06 841s + openssl ca -passin pass:random-intermediate-CA-password-25322 -config /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem 841s Using configuration from /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.config 841s Check that the request matches the signature 841s Signature ok 841s Certificate Details: 841s Serial Number: 4 (0x4) 841s Validity 841s Not Before: Mar 20 18:35:09 2024 GMT 841s Not After : Mar 20 18:35:09 2025 GMT 841s Subject: 841s organizationName = Test Organization 841s organizationalUnitName = Test Organization Unit 841s commonName = Test Organization Intermediate Trusted Certificate 0001 841s X509v3 extensions: 841s X509v3 Authority Key Identifier: 841s 31:37:47:ED:BA:89:13:31:61:71:53:6A:88:C5:B2:60:0A:6B:4F:6C 841s X509v3 Basic Constraints: 841s CA:FALSE 841s Netscape Cert Type: 841s SSL Client, S/MIME 841s Netscape Comment: 841s Test Organization Intermediate CA trusted Certificate 841s X509v3 Subject Key Identifier: 841s D0:1D:96:E3:2A:74:22:D8:5D:8F:78:5E:D7:D3:67:C1:62:7B:D1:7F 841s X509v3 Key Usage: critical 841s Digital Signature, Non Repudiation, Key Encipherment 841s X509v3 Extended Key Usage: 841s TLS Web Client Authentication, E-mail Protection 841s X509v3 Subject Alternative Name: 841s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 841s Certificate is to be certified until Mar 20 18:35:09 2025 GMT (365 days) 841s 841s Write out database with 1 new entries 841s Database updated 841s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem 841s + echo 'This certificate should not be trusted fully' 841s This certificate should not be trusted fully 841s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem 841s + local cmd=openssl 841s + shift 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem 841s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 841s error 2 at 1 depth lookup: unable to get issuer certificate 841s error /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem: verification failed 841s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem 841s /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem: OK 841s + cat 841s + sub_intermediate_ca_trusted_cert_0001_key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-19105 841s + openssl genrsa -aes256 -out /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -passout pass:random-sub-intermediate-ca-trusted-cert-0001-19105 1024 841s + openssl req -new -nodes -reqexts req_exts -passin pass:random-sub-intermediate-ca-trusted-cert-0001-19105 -key /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -config /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.config -out /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 841s + openssl req -text -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-request.pem 841s Certificate Request: 841s Data: 841s Version: 1 (0x0) 841s Subject: O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 841s Subject Public Key Info: 841s Public Key Algorithm: rsaEncryption 841s Public-Key: (1024 bit) 841s Modulus: 841s 00:a5:17:07:62:74:41:b5:07:f9:b3:0f:ce:55:4b: 841s 17:c7:27:54:ad:22:63:21:ac:b6:38:d7:9a:d4:e0: 841s d2:08:99:37:5b:44:49:49:ae:0e:18:d6:17:2a:33: 841s 37:66:b0:18:dc:67:06:8e:18:39:7a:a7:46:5e:4f: 841s 41:09:55:0a:d2:d5:df:0c:04:9e:ab:ff:b3:39:6f: 841s f2:fe:6e:ef:b2:5a:ea:42:f4:72:bc:d2:fa:ef:3b: 841s bb:25:f5:b3:90:d7:7d:1e:74:48:37:9c:37:8d:cd: 841s 14:82:5d:ed:51:bd:f0:94:1c:cb:85:c9:02:eb:04: 841s 8d:b9:c0:23:cc:3c:17:46:25 841s Exponent: 65537 (0x10001) 841s Attributes: 841s Requested Extensions: 841s X509v3 Basic Constraints: 841s CA:FALSE 841s Netscape Cert Type: 841s SSL Client, S/MIME 841s Netscape Comment: 841s Test Organization Sub Intermediate CA trusted Certificate 841s X509v3 Subject Key Identifier: 841s E5:37:93:77:B0:95:62:F7:0E:FD:E0:F0:AB:B7:C7:5B:56:79:DC:99 841s X509v3 Key Usage: critical 841s Digital Signature, Non Repudiation, Key Encipherment 841s X509v3 Extended Key Usage: 841s TLS Web Client Authentication, E-mail Protection 841s X509v3 Subject Alternative Name: 841s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 841s Signature Algorithm: sha256WithRSAEncryption 841s Signature Value: 841s 01:63:ef:89:94:43:15:b4:60:02:c5:c0:ee:cb:3c:33:eb:bc: 841s 82:49:5d:de:34:e7:87:0b:44:5d:a6:89:65:2e:03:94:e4:0e: 841s c7:15:7d:c3:bb:26:58:71:ee:1a:4f:84:04:c4:8e:2f:1a:62: 841s a2:74:77:a4:71:f0:7c:91:15:d1:90:0d:b7:20:e1:fd:10:8c: 841s 7d:48:bb:8d:99:3b:56:fd:b4:af:d9:77:9a:75:58:11:f8:e1: 841s 53:a6:2e:40:4a:56:08:61:6f:30:a8:da:ca:b4:fe:fd:09:92: 841s 0c:66:40:8c:06:dc:30:f3:ed:f6:da:a6:aa:64:66:9a:8e:99: 841s 47:24 841s + openssl ca -passin pass:random-sub-intermediate-CA-password-4987 -config /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.config -batch -notext -keyfile /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-key.pem -in /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-request.pem -days 365 -extensions usr_cert -out /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s Using configuration from /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.config 841s Check that the request matches the signature 841s Signature ok 841s Certificate Details: 841s Serial Number: 5 (0x5) 841s Validity 841s Not Before: Mar 20 18:35:09 2024 GMT 841s Not After : Mar 20 18:35:09 2025 GMT 841s Subject: 841s organizationName = Test Organization 841s organizationalUnitName = Test Organization Unit 841s commonName = Test Organization Sub Intermediate Trusted Certificate 0001 841s X509v3 extensions: 841s X509v3 Authority Key Identifier: 841s 18:03:67:2B:9C:F6:5D:CE:99:19:F3:85:F6:31:0A:D3:14:E6:E2:96 841s X509v3 Basic Constraints: 841s CA:FALSE 841s Netscape Cert Type: 841s SSL Client, S/MIME 841s Netscape Comment: 841s Test Organization Sub Intermediate CA trusted Certificate 841s X509v3 Subject Key Identifier: 841s E5:37:93:77:B0:95:62:F7:0E:FD:E0:F0:AB:B7:C7:5B:56:79:DC:99 841s X509v3 Key Usage: critical 841s Digital Signature, Non Repudiation, Key Encipherment 841s X509v3 Extended Key Usage: 841s TLS Web Client Authentication, E-mail Protection 841s X509v3 Subject Alternative Name: 841s email:mail@3v1n0.net, URI:https://github.com/3v1n0/ 841s Certificate is to be certified until Mar 20 18:35:09 2025 GMT (365 days) 841s 841s Write out database with 1 new entries 841s Database updated 841s + openssl x509 -noout -in /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s This certificate should not be trusted fully 841s + echo 'This certificate should not be trusted fully' 841s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s + local cmd=openssl 841s + shift 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 841s error 2 at 1 depth lookup: unable to get issuer certificate 841s error /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 841s + expect_fail openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s + local cmd=openssl 841s + shift 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 841s Building a the full-chain CA file... 841s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 841s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 841s 841s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 841s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Root CA 841s 841s subject=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate CA 841s issuer=O = Test Organization, OU = Test Organization Unit, CN = Test Organization Intermediate CA 841s 841s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 841s error 20 at 0 depth lookup: unable to get local issuer certificate 841s error /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 841s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s + expect_fail openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s + local cmd=openssl 841s + shift 841s + openssl verify -partial_chain -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s O = Test Organization, OU = Test Organization Unit, CN = Test Organization Sub Intermediate Trusted Certificate 0001 841s error 20 at 0 depth lookup: unable to get local issuer certificate 841s error /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem: verification failed 841s + echo 'Building a the full-chain CA file...' 841s + cat /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem 841s + cat /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem 841s + cat /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem 841s + openssl crl2pkcs7 -nocrl -certfile /tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem 841s + openssl pkcs7 -print_certs -noout 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem 841s /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA.pem: OK 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem 841s /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem: OK 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem 841s /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem: OK 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-root-intermediate-chain-CA.pem 841s /tmp/sssd-softhsm2-certs-rzEsEj/test-root-intermediate-chain-CA.pem: OK 841s + openssl verify -CAfile /tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 841s /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem: OK 841s + echo 'Certificates generation completed!' 841s Certificates generation completed! 841s + [[ -v NO_SSSD_TESTS ]] 841s + [[ -v GENERATE_SMART_CARDS ]] 841s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem pass:random-root-ca-trusted-cert-0001-31421 841s + local certificate=/tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem 841s + local key_pass=pass:random-root-ca-trusted-cert-0001-31421 841s + local key_cn 841s + local key_name 841s + local tokens_dir 841s + local output_cert_file 841s + token_name= 841s ++ basename /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem .pem 841s + key_name=test-root-CA-trusted-certificate-0001 841s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem 841s ++ sed -n 's/ *commonName *= //p' 841s + key_cn='Test Organization Root Trusted Certificate 0001' 841s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 841s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001.conf 841s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001.conf 841s ++ basename /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001.conf .conf 841s + tokens_dir=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001 841s + token_name='Test Organization Root Tr Token' 841s + '[' '!' -e /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001.conf ']' 841s + local key_file 841s + local decrypted_key 841s + mkdir -p /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001 841s + key_file=/tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-key.pem 841s + decrypted_key=/tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-key-decrypted.pem 841s + cat 841s + softhsm2-util --init-token --label 'Test Organization Root Tr Token' --pin 123456 --so-pin 123456 --free 841s Slot 0 has a free/uninitialized token. 841s The token has been initialized and is reassigned to slot 233184649 841s + softhsm2-util --show-slots 841s Available slots: 841s Slot 233184649 841s Slot info: 841s Description: SoftHSM slot ID 0xde61d89 841s Manufacturer ID: SoftHSM project 841s Hardware version: 2.6 841s Firmware version: 2.6 841s Token present: yes 841s Token info: 841s Manufacturer ID: SoftHSM project 841s Model: SoftHSM v2 841s Hardware version: 2.6 841s Firmware version: 2.6 841s Serial number: 65a4f2b28de61d89 841s Initialized: yes 841s User PIN init.: yes 841s Label: Test Organization Root Tr Token 841s Slot 1 841s Slot info: 841s Description: SoftHSM slot ID 0x1 841s Manufacturer ID: SoftHSM project 841s Hardware version: 2.6 841s Firmware version: 2.6 841s Token present: yes 841s Token info: 841s Manufacturer ID: SoftHSM project 841s Model: SoftHSM v2 841s Hardware version: 2.6 841s Firmware version: 2.6 841s Serial number: 841s Initialized: no 841s User PIN init.: no 841s Label: 841s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 841s + openssl rsa -passin pass:random-root-ca-trusted-cert-0001-31421 -in /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-key-decrypted.pem 841s writing RSA key 841s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Root Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 841s + rm /tmp/sssd-softhsm2-certs-rzEsEj/test-root-CA-trusted-certificate-0001-key-decrypted.pem 841s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 841s + echo 'Test Organization Root Tr Token' 841s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem pass:random-intermediate-ca-trusted-cert-0001-8453 841s + local certificate=/tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem 841s + local key_pass=pass:random-intermediate-ca-trusted-cert-0001-8453 841s + local key_cn 841s + local key_name 841s + local tokens_dir 841s + local output_cert_file 841s + token_name= 841s ++ basename /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem .pem 841s Object 0: 841s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=65a4f2b28de61d89;token=Test%20Organization%20Root%20Tr%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Root%20Trusted%20Certificate%200001;type=cert 841s Type: X.509 Certificate (RSA-1024) 841s Expires: Thu Mar 20 18:35:09 2025 841s Label: Test Organization Root Trusted Certificate 0001 841s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 841s 841s Test Organization Root Tr Token 841s + key_name=test-intermediate-CA-trusted-certificate-0001 841s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem 841s ++ sed -n 's/ *commonName *= //p' 841s + key_cn='Test Organization Intermediate Trusted Certificate 0001' 841s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 841s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 841s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf 841s ++ basename /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf .conf 841s + tokens_dir=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-intermediate-CA-trusted-certificate-0001 841s + token_name='Test Organization Interme Token' 841s + '[' '!' -e /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-intermediate-CA-trusted-certificate-0001.conf ']' 841s + local key_file 841s + local decrypted_key 841s + mkdir -p /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-intermediate-CA-trusted-certificate-0001 841s + key_file=/tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-key.pem 841s + decrypted_key=/tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 841s + cat 841s + softhsm2-util --init-token --label 'Test Organization Interme Token' --pin 123456 --so-pin 123456 --free 842s Slot 0 has a free/uninitialized token. 842s The token has been initialized and is reassigned to slot 979116724 842s + softhsm2-util --show-slots 842s Available slots: 842s Slot 979116724 842s Slot info: 842s Description: SoftHSM slot ID 0x3a5c22b4 842s Manufacturer ID: SoftHSM project 842s Hardware version: 2.6 842s Firmware version: 2.6 842s Token present: yes 842s Token info: 842s Manufacturer ID: SoftHSM project 842s Model: SoftHSM v2 842s Hardware version: 2.6 842s Firmware version: 2.6 842s Serial number: d614558b3a5c22b4 842s Initialized: yes 842s User PIN init.: yes 842s Label: Test Organization Interme Token 842s Slot 1 842s Slot info: 842s Description: SoftHSM slot ID 0x1 842s Manufacturer ID: SoftHSM project 842s Hardware version: 2.6 842s Firmware version: 2.6 842s Token present: yes 842s Token info: 842s Manufacturer ID: SoftHSM project 842s Model: SoftHSM v2 842s Hardware version: 2.6 842s Firmware version: 2.6 842s Serial number: 842s Initialized: no 842s User PIN init.: no 842s Label: 842s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 842s + openssl rsa -passin pass:random-intermediate-ca-trusted-cert-0001-8453 -in /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 842s writing RSA key 842s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 842s + rm /tmp/sssd-softhsm2-certs-rzEsEj/test-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 842s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 842s Object 0: 842s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=d614558b3a5c22b4;token=Test%20Organization%20Interme%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Intermediate%20Trusted%20Certificate%200001;type=cert 842s Type: X.509 Certificate (RSA-1024) 842s Expires: Thu Mar 20 18:35:09 2025 842s Label: Test Organization Intermediate Trusted Certificate 0001 842s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 842s 842s + echo 'Test Organization Interme Token' 842s Test Organization Interme Token 842s + prepare_softhsm2_card /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem pass:random-sub-intermediate-ca-trusted-cert-0001-19105 842s + local certificate=/tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 842s + local key_pass=pass:random-sub-intermediate-ca-trusted-cert-0001-19105 842s + local key_cn 842s + local key_name 842s + local tokens_dir 842s + local output_cert_file 842s + token_name= 842s ++ basename /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem .pem 842s + key_name=test-sub-intermediate-CA-trusted-certificate-0001 842s ++ openssl x509 -noout -subject -nameopt multiline -in /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem 842s ++ sed -n 's/ *commonName *= //p' 842s + key_cn='Test Organization Sub Intermediate Trusted Certificate 0001' 842s + '[' -v SOFTHSM2_ISOLATED_CONFIGS ']' 842s + export SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 842s + SOFTHSM2_CONF=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 842s ++ basename /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf .conf 842s + tokens_dir=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 842s + token_name='Test Organization Sub Int Token' 842s + '[' '!' -e /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf ']' 842s + local key_file 842s + local decrypted_key 842s + mkdir -p /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001 842s + key_file=/tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-key.pem 842s + decrypted_key=/tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 842s + cat 842s + softhsm2-util --init-token --label 'Test Organization Sub Int Token' --pin 123456 --so-pin 123456 --free 842s Slot 0 has a free/uninitialized token. 842s The token has been initialized and is reassigned to slot 670107532 842s + softhsm2-util --show-slots 842s Available slots: 842s Slot 670107532 842s Slot info: 842s Description: SoftHSM slot ID 0x27f1078c 842s Manufacturer ID: SoftHSM project 842s Hardware version: 2.6 842s Firmware version: 2.6 842s Token present: yes 842s Token info: 842s Manufacturer ID: SoftHSM project 842s Model: SoftHSM v2 842s Hardware version: 2.6 842s Firmware version: 2.6 842s Serial number: 7fcb2a0127f1078c 842s Initialized: yes 842s User PIN init.: yes 842s Label: Test Organization Sub Int Token 842s Slot 1 842s Slot info: 842s Description: SoftHSM slot ID 0x1 842s Manufacturer ID: SoftHSM project 842s Hardware version: 2.6 842s Firmware version: 2.6 842s Token present: yes 842s Token info: 842s Manufacturer ID: SoftHSM project 842s Model: SoftHSM v2 842s Hardware version: 2.6 842s Firmware version: 2.6 842s Serial number: 842s Initialized: no 842s User PIN init.: no 842s Label: 842s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --no-mark-private --load-certificate=/tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001' --id 00112233445566778899FFAABBCCDDEEFF012345 842s + openssl rsa -passin pass:random-sub-intermediate-ca-trusted-cert-0001-19105 -in /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-key.pem -out /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 842s writing RSA key 842s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --write --load-privkey=/tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem --login --set-pin=123456 --label 'Test Organization Sub Intermediate Trusted Certificate 0001 Key' --id 00112233445566778899FFAABBCCDDEEFF012345 842s + rm /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA-trusted-certificate-0001-key-decrypted.pem 842s + p11tool --provider=/usr/lib/aarch64-linux-gnu/softhsm/libsofthsm2.so --list-all 842s Object 0: 842s URL: pkcs11:model=SoftHSM%20v2;manufacturer=SoftHSM%20project;serial=7fcb2a0127f1078c;token=Test%20Organization%20Sub%20Int%20Token;id=%00%11%22%33%44%55%66%77%88%99%FF%AA%BB%CC%DD%EE%FF%01%23%45;object=Test%20Organization%20Sub%20Intermediate%20Trusted%20Certificate%200001;type=cert 842s Type: X.509 Certificate (RSA-1024) 842s Expires: Thu Mar 20 18:35:09 2025 842s Label: Test Organization Sub Intermediate Trusted Certificate 0001 842s ID: 00:11:22:33:44:55:66:77:88:99:ff:aa:bb:cc:dd:ee:ff:01:23:45 842s 842s Test Organization Sub Int Token 842s Certificates generation completed! 842s + echo 'Test Organization Sub Int Token' 842s + echo 'Certificates generation completed!' 842s + exit 0 842s + find /tmp/sssd-softhsm2-certs-rzEsEj -type d -exec chmod 777 '{}' ';' 842s + find /tmp/sssd-softhsm2-certs-rzEsEj -type f -exec chmod 666 '{}' ';' 842s + backup_file /etc/sssd/sssd.conf 842s + '[' -z '' ']' 842s ++ mktemp -d -t sssd-softhsm2-backups-XXXXXX 842s + backupsdir=/tmp/sssd-softhsm2-backups-yFnJiE 842s + '[' -e /etc/sssd/sssd.conf ']' 842s + delete_paths+=("$1") 842s + rm -f /etc/sssd/sssd.conf 842s ++ runuser -u ubuntu -- sh -c 'echo ~' 842s + user_home=/home/ubuntu 842s + mkdir -p /home/ubuntu 842s + chown ubuntu:ubuntu /home/ubuntu 842s ++ runuser -u ubuntu -- sh -c 'echo ${XDG_CONFIG_HOME:-~/.config}' 842s + user_config=/home/ubuntu/.config 842s + system_config=/etc 842s + softhsm2_conf_paths=("${AUTOPKGTEST_NORMAL_USER}:$user_config/softhsm2/softhsm2.conf" "root:$system_config/softhsm/softhsm2.conf") 842s + for path_pair in "${softhsm2_conf_paths[@]}" 842s + IFS=: 842s + read -r -a path 842s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 842s + backup_file /home/ubuntu/.config/softhsm2/softhsm2.conf 842s + '[' -z /tmp/sssd-softhsm2-backups-yFnJiE ']' 842s + '[' -e /home/ubuntu/.config/softhsm2/softhsm2.conf ']' 842s + delete_paths+=("$1") 842s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 842s Using CA DB '/tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem' with verification options: '' 842s + for path_pair in "${softhsm2_conf_paths[@]}" 842s + IFS=: 842s + read -r -a path 842s + path=/etc/softhsm/softhsm2.conf 842s + backup_file /etc/softhsm/softhsm2.conf 842s + '[' -z /tmp/sssd-softhsm2-backups-yFnJiE ']' 842s + '[' -e /etc/softhsm/softhsm2.conf ']' 842s ++ dirname /etc/softhsm/softhsm2.conf 842s + local back_dir=/tmp/sssd-softhsm2-backups-yFnJiE//etc/softhsm 842s ++ basename /etc/softhsm/softhsm2.conf 842s + local back_path=/tmp/sssd-softhsm2-backups-yFnJiE//etc/softhsm/softhsm2.conf 842s + '[' '!' -e /tmp/sssd-softhsm2-backups-yFnJiE//etc/softhsm/softhsm2.conf ']' 842s + mkdir -p /tmp/sssd-softhsm2-backups-yFnJiE//etc/softhsm 842s + cp -a /etc/softhsm/softhsm2.conf /tmp/sssd-softhsm2-backups-yFnJiE//etc/softhsm/softhsm2.conf 842s + restore_paths+=("$back_path") 842s + rm -f /etc/softhsm/softhsm2.conf 842s + test_authentication login /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem 842s + pam_service=login 842s + certificate_config=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001.conf 842s + ca_db=/tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem 842s + verification_options= 842s + mkdir -p -m 700 /etc/sssd 842s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 842s + cat 842s + chmod 600 /etc/sssd/sssd.conf 842s + for path_pair in "${softhsm2_conf_paths[@]}" 842s + IFS=: 842s + read -r -a path 842s + user=ubuntu 842s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 842s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 842s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 842s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 842s + runuser -u ubuntu -- softhsm2-util --show-slots 842s + grep 'Test Organization' 842s Label: Test Organization Root Tr Token 842s + for path_pair in "${softhsm2_conf_paths[@]}" 842s + IFS=: 842s + read -r -a path 842s + user=root 842s + path=/etc/softhsm/softhsm2.conf 842s ++ dirname /etc/softhsm/softhsm2.conf 842s + runuser -u root -- mkdir -p /etc/softhsm 842s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-root-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 842s + runuser -u root -- softhsm2-util --show-slots 842s + grep 'Test Organization' 842s Label: Test Organization Root Tr Token 842s + systemctl restart sssd 842s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 843s + for alternative in "${alternative_pam_configs[@]}" 843s + pam-auth-update --enable sss-smart-card-optional 843s # 843s # /etc/pam.d/common-auth - authentication settings common to all services 843s # 843s # This file is included from other service-specific PAM config files, 843s # and should contain a list of the authentication modules that define 843s # the central authentication scheme for use on the system 843s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 843s # traditional Unix authentication mechanisms. 843s # 843s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 843s # To take advantage of this, it is recommended that you configure any 843s # local modules either before or after the default block, and use 843s # pam-auth-update to manage selection of other modules. See 843s # pam-auth-update(8) for details. 843s 843s # here are the per-package modules (the "Primary" block) 843s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 843s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 843s auth [success=1 default=ignore] pam_sss.so use_first_pass 843s # here's the fallback if no module succeeds 843s auth requisite pam_deny.so 843s # prime the stack with a positive return value if there isn't one already; 843s # this avoids us returning an error just because nothing sets a success code 843s # since the modules above will each just jump around 843s auth required pam_permit.so 843s # and here are more per-package modules (the "Additional" block) 843s auth optional pam_cap.so 843s # end of pam-auth-update config 843s + cat /etc/pam.d/common-auth 843s + echo -n -e 123456 843s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 843s pamtester: invoking pam_start(login, ubuntu, ...) 843s pamtester: performing operation - authenticate 843s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 843s + echo -n -e 123456 843s + runuser -u ubuntu -- pamtester -v login '' authenticate 843s pamtester: invoking pam_start(login, , ...) 843s pamtester: performing operation - authenticate 844s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 844s + echo -n -e wrong123456 844s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 844s pamtester: invoking pam_start(login, ubuntu, ...) 844s pamtester: performing operation - authenticate 846s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 846s + echo -n -e wrong123456 846s + runuser -u ubuntu -- pamtester -v login '' authenticate 847s pamtester: invoking pam_start(login, , ...) 847s pamtester: performing operation - authenticate 851s PIN for Test Organization Root Tr Token: Password: pamtester: Authentication failure 851s + echo -n -e 123456 851s + pamtester -v login root authenticate 851s pamtester: invoking pam_start(login, root, ...) 851s pamtester: performing operation - authenticate 853s Password: pamtester: Authentication failure 853s + for alternative in "${alternative_pam_configs[@]}" 853s + pam-auth-update --enable sss-smart-card-required 854s PAM configuration 854s ----------------- 854s 854s Incompatible PAM profiles selected. 854s 854s The following PAM profiles cannot be used together: 854s 854s SSS required smart card authentication, SSS optional smart card 854s authentication 854s 854s Please select a different set of modules to enable. 854s 854s + cat /etc/pam.d/common-auth 854s # 854s # /etc/pam.d/common-auth - authentication settings common to all services 854s # 854s # This file is included from other service-specific PAM config files, 854s # and should contain a list of the authentication modules that define 854s # the central authentication scheme for use on the system 854s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 854s # traditional Unix authentication mechanisms. 854s # 854s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 854s # To take advantage of this, it is recommended that you configure any 854s # local modules either before or after the default block, and use 854s # pam-auth-update to manage selection of other modules. See 854s # pam-auth-update(8) for details. 854s 854s # here are the per-package modules (the "Primary" block) 854s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 854s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 854s auth [success=1 default=ignore] pam_sss.so use_first_pass 854s # here's the fallback if no module succeeds 854s auth requisite pam_deny.so 854s # prime the stack with a positive return value if there isn't one already; 854s # this avoids us returning an error just because nothing sets a success code 854s # since the modules above will each just jump around 854s auth required pam_permit.so 854s # and here are more per-package modules (the "Additional" block) 854s auth optional pam_cap.so 854s # end of pam-auth-update config 854s + echo -n -e 123456 854s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 854s pamtester: invoking pam_start(login, ubuntu, ...) 854s pamtester: performing operation - authenticate 854s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 854s + echo -n -e 123456 854s + runuser -u ubuntu -- pamtester -v login '' authenticate 854s pamtester: invoking pam_start(login, , ...) 854s pamtester: performing operation - authenticate 854s PIN for Test Organization Root Tr Token: pamtester: successfully authenticated 854s + echo -n -e wrong123456 854s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 854s pamtester: invoking pam_start(login, ubuntu, ...) 854s pamtester: performing operation - authenticate 857s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 857s + echo -n -e wrong123456 857s + runuser -u ubuntu -- pamtester -v login '' authenticate 857s pamtester: invoking pam_start(login, , ...) 857s pamtester: performing operation - authenticate 861s PIN for Test Organization Root Tr Token: pamtester: Authentication failure 861s + echo -n -e 123456 861s + pamtester -v login root authenticate 861s pamtester: invoking pam_start(login, root, ...) 861s pamtester: performing operation - authenticate 863s pamtester: Authentication service cannot retrieve authentication info 863s + test_authentication login /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem 863s + pam_service=login 863s + certificate_config=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 863s + ca_db=/tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem 863s + verification_options= 863s + mkdir -p -m 700 /etc/sssd 863s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem'\'' with verification options: '\'''\''' 863s + cat 863s Using CA DB '/tmp/sssd-softhsm2-certs-rzEsEj/test-full-chain-CA.pem' with verification options: '' 863s + chmod 600 /etc/sssd/sssd.conf 863s + for path_pair in "${softhsm2_conf_paths[@]}" 863s + IFS=: 863s + read -r -a path 863s + user=ubuntu 863s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 863s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 863s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 863s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 863s + runuser -u ubuntu -- softhsm2-util --show-slots 863s + grep 'Test Organization' 863s Label: Test Organization Sub Int Token 863s + for path_pair in "${softhsm2_conf_paths[@]}" 863s + IFS=: 863s + read -r -a path 863s + user=root 863s + path=/etc/softhsm/softhsm2.conf 863s ++ dirname /etc/softhsm/softhsm2.conf 863s + runuser -u root -- mkdir -p /etc/softhsm 863s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 863s + runuser -u root -- softhsm2-util --show-slots 863s + grep 'Test Organization' 863s + systemctl restart sssd 863s Label: Test Organization Sub Int Token 863s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 864s + for alternative in "${alternative_pam_configs[@]}" 864s + pam-auth-update --enable sss-smart-card-optional 864s + cat /etc/pam.d/common-auth 864s # 864s # /etc/pam.d/common-auth - authentication settings common to all services 864s # 864s # This file is included from other service-specific PAM config files, 864s # and should contain a list of the authentication modules that define 864s # the central authentication scheme for use on the system 864s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 864s # traditional Unix authentication mechanisms. 864s # 864s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 864s # To take advantage of this, it is recommended that you configure any 864s # local modules either before or after the default block, and use 864s # pam-auth-update to manage selection of other modules. See 864s # pam-auth-update(8) for details. 864s 864s # here are the per-package modules (the "Primary" block) 864s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 864s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 864s auth [success=1 default=ignore] pam_sss.so use_first_pass 864s # here's the fallback if no module succeeds 864s auth requisite pam_deny.so 864s # prime the stack with a positive return value if there isn't one already; 864s # this avoids us returning an error just because nothing sets a success code 864s # since the modules above will each just jump around 864s auth required pam_permit.so 864s # and here are more per-package modules (the "Additional" block) 864s auth optional pam_cap.so 864s # end of pam-auth-update config 864s + echo -n -e 123456 864s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 864s pamtester: invoking pam_start(login, ubuntu, ...) 864s pamtester: performing operation - authenticate 864s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 864s + echo -n -e 123456 864s + runuser -u ubuntu -- pamtester -v login '' authenticate 864s pamtester: invoking pam_start(login, , ...) 864s pamtester: performing operation - authenticate 864s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 864s + echo -n -e wrong123456 864s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 865s pamtester: invoking pam_start(login, ubuntu, ...) 865s pamtester: performing operation - authenticate 868s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 868s + echo -n -e wrong123456 868s + runuser -u ubuntu -- pamtester -v login '' authenticate 868s pamtester: invoking pam_start(login, , ...) 868s pamtester: performing operation - authenticate 871s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 871s + echo -n -e 123456 871s + pamtester -v login root authenticate 871s pamtester: invoking pam_start(login, root, ...) 871s pamtester: performing operation - authenticate 874s Password: pamtester: Authentication failure 874s + for alternative in "${alternative_pam_configs[@]}" 874s + pam-auth-update --enable sss-smart-card-required 875s PAM configuration 875s ----------------- 875s 875s Incompatible PAM profiles selected. 875s 875s The following PAM profiles cannot be used together: 875s 875s SSS required smart card authentication, SSS optional smart card 875s authentication 875s 875s Please select a different set of modules to enable. 875s 875s + cat /etc/pam.d/common-auth 875s # 875s # /etc/pam.d/common-auth - authentication settings common to all services 875s # 875s # This file is included from other service-specific PAM config files, 875s # and should contain a list of the authentication modules that define 875s # the central authentication scheme for use on the system 875s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 875s # traditional Unix authentication mechanisms. 875s # 875s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 875s # To take advantage of this, it is recommended that you configure any 875s # local modules either before or after the default block, and use 875s # pam-auth-update to manage selection of other modules. See 875s # pam-auth-update(8) for details. 875s 875s # here are the per-package modules (the "Primary" block) 875s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 875s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 875s auth [success=1 default=ignore] pam_sss.so use_first_pass 875s # here's the fallback if no module succeeds 875s auth requisite pam_deny.so 875s # prime the stack with a positive return value if there isn't one already; 875s # this avoids us returning an error just because nothing sets a success code 875s # since the modules above will each just jump around 875s auth required pam_permit.so 875s # and here are more per-package modules (the "Additional" block) 875s auth optional pam_cap.so 875s # end of pam-auth-update config 875s + echo -n -e 123456 875s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 875s pamtester: invoking pam_start(login, ubuntu, ...) 875s pamtester: performing operation - authenticate 875s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 875s + echo -n -e 123456 875s + runuser -u ubuntu -- pamtester -v login '' authenticate 875s pamtester: invoking pam_start(login, , ...) 875s pamtester: performing operation - authenticate 875s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 875s + echo -n -e wrong123456 875s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 875s pamtester: invoking pam_start(login, ubuntu, ...) 875s pamtester: performing operation - authenticate 878s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 878s + echo -n -e wrong123456 878s + runuser -u ubuntu -- pamtester -v login '' authenticate 878s pamtester: invoking pam_start(login, , ...) 878s pamtester: performing operation - authenticate 881s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 881s + echo -n -e 123456 881s + pamtester -v login root authenticate 881s pamtester: invoking pam_start(login, root, ...) 881s pamtester: performing operation - authenticate 885s pamtester: Authentication service cannot retrieve authentication info 885s Using CA DB '/tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem' with verification options: 'partial_chain' 885s + test_authentication login /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem partial_chain 885s + pam_service=login 885s + certificate_config=/tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf 885s + ca_db=/tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem 885s + verification_options=partial_chain 885s + mkdir -p -m 700 /etc/sssd 885s + echo 'Using CA DB '\''/tmp/sssd-softhsm2-certs-rzEsEj/test-sub-intermediate-CA.pem'\'' with verification options: '\''partial_chain'\''' 885s + cat 885s + chmod 600 /etc/sssd/sssd.conf 885s + for path_pair in "${softhsm2_conf_paths[@]}" 885s + IFS=: 885s + read -r -a path 885s + user=ubuntu 885s + path=/home/ubuntu/.config/softhsm2/softhsm2.conf 885s ++ dirname /home/ubuntu/.config/softhsm2/softhsm2.conf 885s + runuser -u ubuntu -- mkdir -p /home/ubuntu/.config/softhsm2 885s + runuser -u ubuntu -- ln -sf /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /home/ubuntu/.config/softhsm2/softhsm2.conf 885s + runuser -u ubuntu -- softhsm2-util --show-slots 885s + grep 'Test Organization' 885s + for path_pair in "${softhsm2_conf_paths[@]}" 885s Label: Test Organization Sub Int Token 885s + IFS=: 885s + read -r -a path 885s + user=root 885s + path=/etc/softhsm/softhsm2.conf 885s ++ dirname /etc/softhsm/softhsm2.conf 885s + runuser -u root -- mkdir -p /etc/softhsm 885s + runuser -u root -- ln -sf /tmp/sssd-softhsm2-certs-rzEsEj/softhsm2-test-sub-intermediate-CA-trusted-certificate-0001.conf /etc/softhsm/softhsm2.conf 885s + runuser -u root -- softhsm2-util --show-slots 885s + grep 'Test Organization' 885s Label: Test Organization Sub Int Token 885s + systemctl restart sssd 885s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 886s + for alternative in "${alternative_pam_configs[@]}" 886s + pam-auth-update --enable sss-smart-card-optional 886s + cat /etc/pam.d/common-auth 886s # 886s # /etc/pam.d/common-auth - authentication settings common to all services 886s # 886s # This file is included from other service-specific PAM config files, 886s # and should contain a list of the authentication modules that define 886s # the central authentication scheme for use on the system 886s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 886s # traditional Unix authentication mechanisms. 886s # 886s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 886s # To take advantage of this, it is recommended that you configure any 886s # local modules either before or after the default block, and use 886s # pam-auth-update to manage selection of other modules. See 886s # pam-auth-update(8) for details. 886s 886s # here are the per-package modules (the "Primary" block) 886s auth [success=3 default=ignore] pam_sss.so allow_missing_name try_cert_auth 886s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 886s auth [success=1 default=ignore] pam_sss.so use_first_pass 886s # here's the fallback if no module succeeds 886s auth requisite pam_deny.so 886s # prime the stack with a positive return value if there isn't one already; 886s # this avoids us returning an error just because nothing sets a success code 886s # since the modules above will each just jump around 886s auth required pam_permit.so 886s # and here are more per-package modules (the "Additional" block) 886s auth optional pam_cap.so 886s # end of pam-auth-update config 886s + echo -n -e 123456 886s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 886s pamtester: invoking pam_start(login, ubuntu, ...) 886s pamtester: performing operation - authenticate 886s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 886s + echo -n -e 123456 886s + runuser -u ubuntu -- pamtester -v login '' authenticate 886s pamtester: invoking pam_start(login, , ...) 886s pamtester: performing operation - authenticate 886s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 886s + echo -n -e wrong123456 886s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 886s pamtester: invoking pam_start(login, ubuntu, ...) 886s pamtester: performing operation - authenticate 889s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 889s + echo -n -e wrong123456 889s + runuser -u ubuntu -- pamtester -v login '' authenticate 889s pamtester: invoking pam_start(login, , ...) 889s pamtester: performing operation - authenticate 893s PIN for Test Organization Sub Int Token: Password: pamtester: Authentication failure 893s + echo -n -e 123456 893s + pamtester -v login root authenticate 893s pamtester: invoking pam_start(login, root, ...) 893s pamtester: performing operation - authenticate 896s Password: pamtester: Authentication failure 896s + for alternative in "${alternative_pam_configs[@]}" 896s + pam-auth-update --enable sss-smart-card-required 897s PAM configuration 897s ----------------- 897s 897s Incompatible PAM profiles selected. 897s 897s The following PAM profiles cannot be used together: 897s 897s SSS required smart card authentication, SSS optional smart card 897s authentication 897s 897s Please select a different set of modules to enable. 897s 897s + cat /etc/pam.d/common-auth 897s # 897s # /etc/pam.d/common-auth - authentication settings common to all services 897s # 897s # This file is included from other service-specific PAM config files, 897s # and should contain a list of the authentication modules that define 897s # the central authentication scheme for use on the system 897s # (e.g., /etc/shadow, LDAP, Kerberos, etc.). The default is to use the 897s # traditional Unix authentication mechanisms. 897s # 897s # As of pam 1.0.1-6, this file is managed by pam-auth-update by default. 897s # To take advantage of this, it is recommended that you configure any 897s # local modules either before or after the default block, and use 897s # pam-auth-update to manage selection of other modules. See 897s # pam-auth-update(8) for details. 897s 897s # here are the per-package modules (the "Primary" block) 897s auth [success=3 ignore=ignore default=die] pam_sss.so allow_missing_name require_cert_auth 897s auth [success=2 default=ignore] pam_unix.so nullok try_first_pass 897s auth [success=1 default=ignore] pam_sss.so use_first_pass 897s # here's the fallback if no module succeeds 897s auth requisite pam_deny.so 897s # prime the stack with a positive return value if there isn't one already; 897s # this avoids us returning an error just because nothing sets a success code 897s # since the modules above will each just jump around 897s auth required pam_permit.so 897s # and here are more per-package modules (the "Additional" block) 897s auth optional pam_cap.so 897s # end of pam-auth-update config 897s + echo -n -e 123456 897s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 897s pamtester: invoking pam_start(login, ubuntu, ...) 897s pamtester: performing operation - authenticate 897s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 897s + echo -n -e 123456 897s + runuser -u ubuntu -- pamtester -v login '' authenticate 897s pamtester: invoking pam_start(login, , ...) 897s pamtester: performing operation - authenticate 897s PIN for Test Organization Sub Int Token: pamtester: successfully authenticated 897s + echo -n -e wrong123456 897s + runuser -u ubuntu -- pamtester -v login ubuntu authenticate 897s pamtester: invoking pam_start(login, ubuntu, ...) 897s pamtester: performing operation - authenticate 900s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 900s + echo -n -e wrong123456 900s + runuser -u ubuntu -- pamtester -v login '' authenticate 900s pamtester: invoking pam_start(login, , ...) 900s pamtester: performing operation - authenticate 904s PIN for Test Organization Sub Int Token: pamtester: Authentication failure 904s + echo -n -e 123456 904s + pamtester -v login root authenticate 904s pamtester: invoking pam_start(login, root, ...) 904s pamtester: performing operation - authenticate 907s pamtester: Authentication service cannot retrieve authentication info 907s + handle_exit 907s + exit_code=0 907s + restore_changes 907s + for path in "${restore_paths[@]}" 907s + local original_path 907s ++ realpath --strip --relative-base=/tmp/sssd-softhsm2-backups-yFnJiE /tmp/sssd-softhsm2-backups-yFnJiE//etc/softhsm/softhsm2.conf 907s + original_path=/etc/softhsm/softhsm2.conf 907s + rm /etc/softhsm/softhsm2.conf 907s + mv /tmp/sssd-softhsm2-backups-yFnJiE//etc/softhsm/softhsm2.conf /etc/softhsm/softhsm2.conf 908s + for path in "${delete_paths[@]}" 908s + rm -f /etc/sssd/sssd.conf 908s + for path in "${delete_paths[@]}" 908s + rm -f /home/ubuntu/.config/softhsm2/softhsm2.conf 908s + pam-auth-update --disable sss-smart-card-optional sss-smart-card-required 908s + '[' -e /etc/sssd/sssd.conf ']' 908s + systemctl stop sssd 908s + '[' -e /etc/softhsm/softhsm2.conf ']' 908s + chmod 600 /etc/softhsm/softhsm2.conf 908s + rm -rf /tmp/sssd-softhsm2-certs-rzEsEj 908s + '[' 0 = 0 ']' 908s + rm -rf /tmp/sssd-softhsm2-backups-yFnJiE 908s Script completed successfully! 908s + set +x 908s autopkgtest [18:36:16]: test sssd-smart-card-pam-auth-configs: -----------------------] 909s autopkgtest [18:36:17]: test sssd-smart-card-pam-auth-configs: - - - - - - - - - - results - - - - - - - - - - 909s sssd-smart-card-pam-auth-configs PASS 909s autopkgtest [18:36:17]: @@@@@@@@@@@@@@@@@@@@ summary 909s ldap-user-group-ldap-auth PASS 909s ldap-user-group-krb5-auth PASS 909s sssd-softhism2-certificates-tests.sh PASS 909s sssd-smart-card-pam-auth-configs PASS 923s Creating nova instance adt-noble-arm64-sssd-20240320-182108-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-arm64-server-20240319.img (UUID bd25b89b-8264-4402-95d9-d9c88f21f275)... 923s Creating nova instance adt-noble-arm64-sssd-20240320-182108-juju-7f2275-prod-proposed-migration-environment-2 from image adt/ubuntu-noble-arm64-server-20240319.img (UUID bd25b89b-8264-4402-95d9-d9c88f21f275)...